Skip to main content

Okrs Goals

1 CVEs product

Monthly

CVE-2026-5005 MEDIUM PATCH This Month

Stored XSS in Twiser OKRs & Goals (builds 28220 through pre-28398) allows authenticated low-privileged users to inject persistent malicious scripts that execute in other authenticated users' browsers. The CVSS scope change (S:C) confirms cross-user impact - a hallmark of stored XSS where one user's injected payload affects others who subsequently view the same content. No public exploit code or CISA KEV listing has been identified at time of analysis, placing this firmly in standard patch-cycle priority.

XSS Okrs Goals
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Stored XSS in Twiser OKRs & Goals (builds 28220 through pre-28398) allows authenticated low-privileged users to inject persistent malicious scripts that execute in other authenticated users' browsers. The CVSS scope change (S:C) confirms cross-user impact - a hallmark of stored XSS where one user's injected payload affects others who subsequently view the same content. No public exploit code or CISA KEV listing has been identified at time of analysis, placing this firmly in standard patch-cycle priority.

XSS Okrs Goals
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy