1. Home
  2. CVE Database
  3. CVE-2026-32774
MEDIUM · 6.4

CVE-2026-32774

Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through c...

Vulnerability Description

Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through comments to execute arbitrary JavaScript in victims' browsers.

CVSS Score

6.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
VulnogramVulnogram1.0.0

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2026-32774?

CVE-2026-32774 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through c...

How severe is CVE-2026-32774?

CVE-2026-32774 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-32774?

Check the references section above for vendor advisories and patch information. Affected products include: Vulnogram Vulnogram.