CVE-2026-29971

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 27, 2026

Vendor unknown

Description

A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version 2.31.1. User-controlled input is reflected into HTML and JavaScript contexts without proper output encoding, allowing arbitrary JavaScript execution in the victim's browser.

References

https://github.com/Tharooon/CVE-2026-29971/
https://www.webfilesys.de/