CVE-2026-8253 in ERP Onlinethông tin

Tóm tắt

Bởi MITRE • 11/05/2026

A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. Affected by this vulnerability is an unknown functionality of the file /inventory/purchase_save. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

chịu trách nhiệm

VulDB

Tiết lộ

11/05/2026

Kiểm duyệt

được chấp nhận

mục

VDB-362550

CPE

sẵn sàng

CWE

CWE-79 (Đã xác nhận)

Khai thác

Tải xuống

CVSS

2.4 (VulDB)

EPSS

0.00030

KEV

không

Các hoạt động

rất thấp

ngành

Energy, Finance, ...

Nguồn

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-8253
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-8253
CVE Details	https://www.cvedetails.com/cve/CVE-2026-8253/

◂ Trước Tổng Quan Tiếp theo ▸

Want to know what is going to be exploited?

We predict KEV entries!