CVE-2026-3953

HIGH NVD

CVSS Score 8.8

Severity HIGH

Published May 07, 2026

Vendor unknown

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting (XSS), Reflected XSS. This issue affects Proticaret E-Commerce: from v5.0.0 before V 6.0.1767.1383.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0180