PT-2026-45724 · Unknown · Wirtualna Uczelnia
CVE-2026-34907
·
Published
2026-06-02
·
Updated
2026-06-02
CVSS v4.0
5.1
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
Name of the Vulnerable Software and Affected Versions
Wirtualna Uczelnia versions prior to wu#2016.437.295#0#20260327 105545
Description
Reflected Cross-Site Scripting (XSS) occurs due to insecure handling of the
locale parameter across multiple endpoints. An attacker can craft a malicious URL containing JavaScript within the locale parameter; when a victim opens this link, the injected script executes in their browser.Recommendations
Update to a version newer than wu#2016.437.295#0#20260327 105545.
Avoid using the
locale parameter in affected endpoints until the update is applied.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wirtualna Uczelnia