CVE-2026-10234 – Mettle sendportal Campaign webview cross site scripting

CVE ID :CVE-2026-10234

Published : June 1, 2026, 8:16 a.m. | 16 minutes ago

Description :A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Severity: 4.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-45192 – Apache Airflow: Incomplete Redaction of Sensitive Fields in Connection Extra API Response

CVE-2026-35563 – Apache Directory LDAP API: LDAP client implementation does not verify if the server certificate matches the intended LDAP hostname

CVE-2026-10235 – CodeAstro Ingredients Stock Management System stock_manager.php sql injection

CVE-2026-10233 – Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos out-of-bounds