← Volver a CVEs
CVE-2026-27787
N/ADescripcion
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado4/8/2026
Ultima modificacion4/17/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
icz:matcha_sns
Debilidades (CWE)
CWE-79
Referencias
https://jvn.jp/en/jp/JVN33581068/(vultures@jpcert.or.jp)
https://oss.icz.co.jp/news/?p=1388(vultures@jpcert.or.jp)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.