CVE-2026-1434

Name of the Vulnerable Software and Affected Versions Omega-PSIR versions prior to 4.6.7

Description Omega-PSIR is susceptible to a Reflected Cross-Site Scripting (XSS) issue. An attacker can create a malicious URL utilizing the lang parameter. When a user opens this URL, it can lead to the execution of arbitrary JavaScript code within the user's browser. The vulnerable parameter is lang. The affected API endpoint is not specified.

Recommendations Update Omega-PSIR to version 4.6.7 or later.