CVE-2026-1429

Medium CVSS: 4.8

Single Sign-On Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing authenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

Vendor

Wellchoose

Product

Single Sign-on Portal System

CWE

CWE-79

Yayın Tarihi

2026-01-26 09:15:47

Güncelleme

2026-03-11 22:44:48

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-79 Single Sign-on Portal System MEDIUM Wellchoose 2026

Referanslar

https://www.twcert.org.tw/en/cp-139-10655-59160-2.html https://www.twcert.org.tw/tw/cp-132-10654-23f40-1.html

Benzer Kayıtlar

Critical

CVE-2026-3826

IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to exe…

Medium

CVE-2026-3824

IFTOP developed by WellChoose has an Open redirect vulnerability, allowing authenticated remote attackers to craft a URL…

Medium

CVE-2026-3825

IFTOP developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing authenticated remote attacker…

High

CVE-2026-1428

Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated re…

High

CVE-2026-1427

Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated re…

Critical

CVE-2025-8913

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated re…