PT-2026-21571 · Xingfuggz · Baykeshop

Jeremy2214

Published

2026-02-23

Updated

2026-02-24

CVE-2026-3041

CVSS v2.0

3.3

Low

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions xingfuggz BaykeShop versions up to 1.3.20

Description A security issue exists in xingfuggz BaykeShop, specifically within the Article Sidebar Module. Manipulation of the sidebar.content argument in the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed.

Recommendations Versions prior to 1.3.20 should be updated. As a temporary workaround, consider restricting or disabling the Article Sidebar Module until a fix is available.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2026-3041

Affected Products

Baykeshop

PT-2026-21571 · Xingfuggz · Baykeshop

CVE-2026-3041

Weakness Enumeration

Related Identifiers

Affected Products

References · 10