CVE-2026-7677

Name of the Vulnerable Software and Affected Versions kerwincui FastBee versions prior to 1.2.2

Description A cross-site scripting issue exists in the System Notice Handler component. A remote attacker can exploit this by manipulating the noticeContent argument within the Add() function of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.