CVE-2026-50592 PUBLISHED

Assigner: mitre
Reserved: 05.06.2026 Published: 05.06.2026 Updated: 05.06.2026

In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in

AdminCommunicationLog (aka the communication log administration view).

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
CVSS Score: 6.4

Product Status

Vendor Znuny
Product Znuny
Versions Default: unknown
  • affected from 0 to 6.5.21 (excl.)
  • affected from 7.0.0 to 7.3.3 (excl.)

References

Problem Types

  • CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') CWE