Skip to main content

Mezunum Satiyorum

1 CVEs product

Monthly

CVE-2026-3251 MEDIUM This Month

Stored cross-site scripting in Mezunum Satiyorum (versions 1.2.504 through 10072026) allows a low-privileged authenticated attacker to inject persistent malicious scripts into web pages served to other users. The scope change (S:C) in the CVSS vector confirms the payload executes in the victim's browser context, enabling session hijacking, credential theft, or malicious redirects against any user who loads the affected page. No public exploit code has been identified at time of analysis, and the vendor did not respond to TR-CERT's disclosure, leaving the vulnerability unpatched.

XSS Mezunum Satiyorum
NVD
CVSS 3.1
6.4
EPSS
0.1%
EPSS 0% CVSS 6.4
MEDIUM This Month

Stored cross-site scripting in Mezunum Satiyorum (versions 1.2.504 through 10072026) allows a low-privileged authenticated attacker to inject persistent malicious scripts into web pages served to other users. The scope change (S:C) in the CVSS vector confirms the payload executes in the victim's browser context, enabling session hijacking, credential theft, or malicious redirects against any user who loads the affected page. No public exploit code has been identified at time of analysis, and the vendor did not respond to TR-CERT's disclosure, leaving the vulnerability unpatched.

XSS Mezunum Satiyorum
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy