Security Advisory

CVE-2026-3317

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-21 09:03:59

Last updated 2026-04-21 13:22:03

Assigner INCIBE

State PUBLISHED

Description

Reflected Cross-Site Scripting (XSS) vulnerability in Navigate Content Management System. The vulnerability is present in the /blog endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker to execute JavaScript code in the victims browser.

← Browse all CVEs View on cve.org ↗