CVE-2026-10607

HIGH NVD

CVSS Score 7.3

Severity HIGH

Published Jun 02, 2026

Vendor unknown

Description

A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument msg leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.

References

https://vuldb.com/cve/CVE-2026-10607
https://vuldb.com/submit/829414
https://vuldb.com/vuln/367914
https://vuldb.com/vuln/367914/cti