CVE-2026-38936

Description

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter

References

• http://diskover-community.com
• http://diskoverdata.com
• https://github.com/VadlaReddySai/diskoverdata-cve-writeups/blob/main/CVE-2026-38936
• https://github.com/VadlaReddySai/diskoverdata-cve-writeups/blob/main/CVE-2026-38936