Skip to main content

Lex Baza Dokument W

1 CVEs product

Monthly

CVE-2026-1493 MEDIUM PATCH This Month

DOM-based cross-site scripting in LEX Baza Dokumentów through version 1.3.3 allows attackers to execute arbitrary JavaScript in victim browsers via unsafe processing of the 'em' cookie parameter on the client side. Exploitation requires local access and user interaction, and the attacker must have the ability to set a cookie, significantly limiting real-world attack surface. The vendor has released patch version 1.3.4 to address this vulnerability.

XSS Lex Baza Dokument W
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

DOM-based cross-site scripting in LEX Baza Dokumentów through version 1.3.3 allows attackers to execute arbitrary JavaScript in victim browsers via unsafe processing of the 'em' cookie parameter on the client side. Exploitation requires local access and user interaction, and the attacker must have the ability to set a cookie, significantly limiting real-world attack surface. The vendor has released patch version 1.3.4 to address this vulnerability.

XSS Lex Baza Dokument W
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy