2026-01-21 17:27:38
VulnCheck
PUBLISHED
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboards Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the Default Icon.