Skip to main content

EasyFlow .NET EUVDEUVD-2026-38222

| CVE-2026-12580 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-06-22 twcert GHSA-x6g3-x68w-mv5x
5.1
CVSS 4.0 · Vendor: twcert
Share

Severity by source

Vendor (twcert) PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Network-reachable stored XSS requiring low-privilege auth (PR:L) and passive victim page load (UI:R); scope change to browser session (S:C) with low C/I impact, no availability effect.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (twcert).

CVSS VectorVendor: twcert

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 22, 2026 - 10:17 vuln.today

DescriptionCVE.org

EasyFlow .NET developed by Digiwin has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load.

AnalysisAI

Stored Cross-Site Scripting in Digiwin's EasyFlow .NET workflow platform enables authenticated low-privilege attackers to inject persistent JavaScript that executes in other users' browsers on page load. The CVSS 4.0 vector (PR:L/UI:P/SC:L/SI:L) confirms the attacker requires a valid low-privilege account to plant the payload, while victims trigger execution passively by navigating to affected pages - including administrators who may have elevated session privileges worth hijacking. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege EasyFlow .NET account
Delivery
Identify stored-render input field lacking output encoding
Exploit
Inject persistent JavaScript payload into application data
Execution
Victim user navigates to affected page (passive trigger)
Persist
Payload executes in victim browser session
Impact
Exfiltrate session token or perform actions as victim

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to hold a valid authenticated account in EasyFlow .NET with at least low-privilege access, as confirmed by the CVSS 4.0 PR:L metric. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.1 (Medium) accurately reflects the constrained but realistic exploitation conditions. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated low-privilege user - such as a business partner or internal staff member with basic EasyFlow .NET access - submits a workflow form or comment field containing a JavaScript payload designed to exfiltrate the session cookie of any viewer. The payload is persisted server-side and silently executes in the browsers of all subsequent users who navigate to the affected page, including administrators, enabling the attacker to hijack privileged sessions and perform actions within the application on their behalf. …
Remediation Consult the TWCERT English advisory at https://www.twcert.org.tw/en/cp-139-10981-8617d-2.html for the vendor-issued patch; no exact fixed version number is confirmed in the available intelligence data and the patch status should be verified directly with Digiwin before assuming coverage. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-38222 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy