PT-2026-2103 · Unknown · Tarkov Data Manager
Sut0L
·
Published
2026-01-07
·
Updated
2026-02-03
·
CVE-2026-21855
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Tarkov Data Manager versions prior to 02 January 2025
Description
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting (XSS) vulnerability exists in the toast notification system. This allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by crafting a malicious URL. The vulnerability was addressed with a series of fix commits on 02 January 2025.
Recommendations
Versions prior to 02 January 2025 should be updated.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tarkov Data Manager