CVE-2026-38936 | THREATINT

Description

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter

PUBLISHED Reserved 2026-04-06 | Published 2026-04-27 | Updated 2026-04-27 | Assigner mitre

References

github.com/...overdata-cve-writeups/blob/main/CVE-2026-38936 exploit

diskover-community.com

diskoverdata.com

github.com/...overdata-cve-writeups/blob/main/CVE-2026-38936

cve.org (CVE-2026-38936)

nvd.nist.gov (CVE-2026-38936)

Download JSON

help @ threatint.eu