June 5, 2026

CVE Watchtower


← Back to CVE List

CVE-2026-50591NVD

Vulnerability Summary

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, XSS can occur via stored user preferences.
Severity Level
MEDIUM(5.4)
Published Date
Jun 5, 2026
Last Modified
Jun 5, 2026
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
CWE-79: Cross-site Scripting (XSS) β†—
The software does not neutralize user-controllable input before it is placed in output that is used as a web page.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone

External References