Skip to main content

Loggro Pymes CVE-2026-1960

Cross-site Scripting (XSS) (CWE-79)
2026-02-09 cve-coordination@incibe.es

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Feb 09, 2026 - 12:15 nvd
N/A

DescriptionCVE.org

Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.

Analysis

Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.

Technical ContextAI

Classified as CWE-79 (Cross-site Scripting (XSS)). Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.

Affected ProductsAI

Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.

RemediationAI

Monitor vendor advisories for a patch. Implement output encoding and Content Security Policy headers.

Share

CVE-2026-1960 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy