Dernekweb · Dernekweb · CVE-2026-7498
**Name of the Vulnerable Software and Affected Versions**
DernekWeb versions prior to 30122025
**Description**
Improper neutralization of input during web page generation allows for Stored Cross-Site Scripting (XSS), a condition where malicious scripts are permanently stored on the target server and later executed in the browser of a user visiting the affected page.
**Recommendations**
Update to a version newer than 30122025.