Sprout Clients

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-32424 MEDIUM This Month

BoldGrid Sprout Clients contains a Stored Cross-Site Scripting (XSS) vulnerability in web page generation that allows authenticated users to inject and execute arbitrary JavaScript. The vulnerability affects Sprout Clients version 3.2.2 and earlier, enabling attackers with login credentials to compromise other users viewing affected pages. While the CVSS score of 6.5 indicates medium severity with network accessibility and low attack complexity, the stored nature of the XSS and requirement for user interaction (UI:R) limits immediate widespread automated exploitation.

XSS Sprout Clients
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32424
EPSS 0% CVSS 6.5
MEDIUM This Month

BoldGrid Sprout Clients contains a Stored Cross-Site Scripting (XSS) vulnerability in web page generation that allows authenticated users to inject and execute arbitrary JavaScript. The vulnerability affects Sprout Clients version 3.2.2 and earlier, enabling attackers with login credentials to compromise other users viewing affected pages. While the CVSS score of 6.5 indicates medium severity with network accessibility and low attack complexity, the stored nature of the XSS and requirement for user interaction (UI:R) limits immediate widespread automated exploitation.

XSS Sprout Clients
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy