Skip to main content

Matcha Sns

1 CVEs product

Monthly

CVE-2026-27787 MEDIUM This Month

Stored cross-site scripting (XSS) in MATCHA SNS 1.3.9 and earlier allows authenticated users to inject arbitrary scripts that execute in the browsers of other users accessing affected pages, potentially leading to session hijacking, credential theft, or malware distribution. CVSS 5.4 reflects the requirement for user interaction and authenticated access; no public exploit code or active exploitation has been identified at the time of analysis.

XSS Matcha Sns
NVD
CVSS 4.0
5.1
EPSS
0.0%
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in MATCHA SNS 1.3.9 and earlier allows authenticated users to inject arbitrary scripts that execute in the browsers of other users accessing affected pages, potentially leading to session hijacking, credential theft, or malware distribution. CVSS 5.4 reflects the requirement for user interaction and authenticated access; no public exploit code or active exploitation has been identified at the time of analysis.

XSS Matcha Sns
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy