CVE-2026-4847

Name of the Vulnerable Software and Affected Versions dameng100 muucmf version 1.9.5.20260309

Description A cross site scripting issue exists due to manipulation of the Name argument. The issue is located in an unknown function within the file '/admin/config/list.html'. The attack can be initiated remotely. The exploit has been publicly released. The vendor was contacted but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.