CVE-2026-30139

MEDIUM NVD

CVSS Score 6.1

Severity MEDIUM

Published Apr 22, 2026

Vendor unknown

Description

A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpeas Core before version 6.4.6 allows attackers to execute arbitrary JavaScript in the context of a user's browser via crafted input.

References

https://github.com/Silverpeas/Silverpeas-Core/pull/1421
https://github.com/bodd1593/CVEs-huyle/tree/main/CVE-2026-30139
https://github.com/bodd1593/CVEs-huyle/tree/main/CVE-2026-30139