GHSA-g36v-xj2q-4799Medium

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a...

Published
June 1, 2026
Last Modified
June 1, 2026

🔗 CVE IDs covered (1)

📋 Description

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser.

This issue affects SOPlanning version 1.55 and below.

🔗 References (4)