PT-2026-38425 · Unknown · Divvydrive
Alperen Keski̇n
·
Published
2026-05-07
·
Updated
2026-05-07
·
CVE-2026-5784
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DivvyDrive versions 4.8.2.9 through 4.8.3.1
Description
DivvyDrive contains a stored cross-site scripting (XSS) flaw, which occurs when the application fails to properly neutralize input during the generation of web pages. This allows an attacker to store malicious scripts on the server that are later executed in the browsers of other users.
Recommendations
Update to version 4.8.3.2.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Divvydrive