CVE-2026-54221

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Jun 18, 2026

Vendor unknown

Description

UBB.threads is vulnerable to Reflected XSS. The application improperly handles user input in certain requests, enabling attackers to execute arbitrary JavaScript in the context of a victim's browser by tricking them into clicking a crafted link. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.

References

https://cert.pl/en/posts/2026/06/CVE-2026-54219
https://www.ubbcentral.com/