Skip to main content

Wirtualna Uczelnia

1 CVEs product

Monthly

CVE-2026-34907 MEDIUM This Month

Reflected XSS in Wirtualna Uczelnia (Simple SA) allows unauthenticated remote attackers to execute arbitrary JavaScript in victims' browsers by embedding payloads in the locale parameter across multiple application endpoints. All versions up to wu#2016.437.295#0#20260327_105545 are affected; the flaw was disclosed by CERT-PL and catalogued under ENISA EUVD-2026-33903. No public exploit or CISA KEV listing is confirmed at time of analysis, but the zero-privilege, low-complexity attack vector makes social-engineering-driven exploitation straightforward for any attacker who can induce a victim to click a crafted URL.

XSS Wirtualna Uczelnia
NVD
CVSS 4.0
5.1
EPSS
0.0%
EPSS 0% CVSS 5.1
MEDIUM This Month

Reflected XSS in Wirtualna Uczelnia (Simple SA) allows unauthenticated remote attackers to execute arbitrary JavaScript in victims' browsers by embedding payloads in the locale parameter across multiple application endpoints. All versions up to wu#2016.437.295#0#20260327_105545 are affected; the flaw was disclosed by CERT-PL and catalogued under ENISA EUVD-2026-33903. No public exploit or CISA KEV listing is confirmed at time of analysis, but the zero-privilege, low-complexity attack vector makes social-engineering-driven exploitation straightforward for any attacker who can induce a victim to click a crafted URL.

XSS Wirtualna Uczelnia
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy