CVE-2026-3024

Name of the Vulnerable Software and Affected Versions Wakyma (affected versions not specified)

Description A stored Cross-Site Scripting (XSS) issue exists in the Wakyma web application. The vulnerability is located in the 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento' endpoint. A user with permission to create personalized accounts can exploit this by creating a malicious survey, potentially harming the veterinary team. A low-privileged user could also exploit this to access unauthorized data and perform actions with elevated privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.