PT-2026-29727 · Mark O'Donnell · Mstw League Manager
Conor Sullivan
·
Published
2026-04-02
·
Updated
2026-04-02
·
CVE-2026-34890
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Mark O’Donnell MSTW League Manager versions through 2.10
Description
Mark O’Donnell MSTW League Manager is susceptible to a DOM-Based Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for potential malicious code execution within the context of the user's browser.
Recommendations
Update Mark O’Donnell MSTW League Manager to a version later than 2.10.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mstw League Manager