PT-2026-36088 · Unknown · Lex Baza Dokumentów

Marek Figielski

Published

2026-04-30

Updated

2026-05-05

CVE-2026-1493

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions LEX Baza Dokumentów versions prior to 1.3.4

Description DOM-based Cross-Site Scripting (XSS) occurs when the application unsafely processes the em cookie parameter on the client side. This allows an attacker to execute arbitrary JavaScript within the victim's browser context. An attacker capable of setting a cookie could potentially increase the severity of the attack.

Recommendations Update to version 1.3.4.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-1493

Affected Products

Lex Baza Dokumentów

PT-2026-36088 · Unknown · Lex Baza Dokumentów

CVE-2026-1493

Weakness Enumeration

Related Identifiers

Affected Products

References · 6