CVE-2026-27787

MEDIUM NVD

CVSS Score 5.4

Severity MEDIUM

Published Apr 08, 2026

Vendor unknown

Description

Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product.

References

https://jvn.jp/en/jp/JVN33581068/
https://oss.icz.co.jp/news/?p=1388