PT-2026-52983 · Undefined · Undefined

Published

2026-06-26

Updated

2026-06-26

CVE-2026-50767

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

A stored cross-site scripting (XSS) vulnerability in the item type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the item type check-in message field (checkinmsg)

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-50767

Affected Products

Undefined

PT-2026-52983 · Undefined · Undefined

CVE-2026-50767

Related Identifiers

Affected Products

References · 3