Unknown · Lex Baza Dokumentów · CVE-2026-1493
**Name of the Vulnerable Software and Affected Versions**
LEX Baza Dokumentów versions prior to 1.3.4
**Description**
DOM-based Cross-Site Scripting (XSS) occurs when the application unsafely processes the `em` cookie parameter on the client side. This allows an attacker to execute arbitrary JavaScript within the victim's browser context. An attacker capable of setting a cookie could potentially increase the severity of the attack.
**Recommendations**
Update to version 1.3.4.