Vulnerabilities

CVE-2026-1136 - lcg0124 BootDo ContentController save cross site scripting

2026-01-19 0 views admin

CVE ID : CVE-2026-1136 Published : Jan. 19, 2026, 4:15 a.m. | 1 hour, 24 minutes ago Description : A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bContent/save of the component ContentController. This manipulation of the argument content/author/title causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-1136

Severity

MEDIUM

Published

Jan. 19, 2026

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-1136medium

CVE-2026-1136 - lcg0124 BootDo ContentController save cross site scripting

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-1137 - UTT 进取 520W formWebAuthGlobalConfig strcpy buffer overflow

CVE-2026-1139 - UTT 进取 520W ConfigExceptMSN strcpy buffer overflow

CVE-2026-1138 - UTT 进取 520W ConfigExceptQQ strcpy buffer overflow

CVE-2026-1131 - Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql injection

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3