Skip to main content

Vulnogram CVE-2026-32774

| EUVDEUVD-2026-12188 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-03-14 VulnCheck GHSA-vggc-6pg2-xvp9
6.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.4 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

4
Patch released
Mar 20, 2026 - 18:26 nvd
Patch available
EUVD ID Assigned
Mar 14, 2026 - 22:00 euvd
EUVD-2026-12188
Analysis Generated
Mar 14, 2026 - 22:00 vuln.today
CVE Published
Mar 14, 2026 - 21:44 nvd
MEDIUM 6.4

DescriptionCVE.org

Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through comments to execute arbitrary JavaScript in victims' browsers.

AnalysisAI

A cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts (CVSS 6.4) that allows attackers. Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Technical ContextAI

CWE-79 (Cross-site Scripting). Affects comment hypertext handling that allows attackers to inject malicious scripts.

RemediationAI

Apply the vendor-supplied patch immediately.

Share

CVE-2026-32774 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy