CVE-2026-26378
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jun 03, 2026
Vendor
unknown
Description
Cross Site Scripting vulnerability in Koha 25.11 and before allows a remote attacker to execute arbitrary code via file upload function in Invoice features