← Voltar para CVEs
CVE-2026-27787
N/ADescricao
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado4/8/2026
Ultima modificacao4/17/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
icz:matcha_sns
Fraquezas (CWE)
CWE-79
Referencias
https://jvn.jp/en/jp/JVN33581068/(vultures@jpcert.or.jp)
https://oss.icz.co.jp/news/?p=1388(vultures@jpcert.or.jp)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.