2026-03-30 00:00:00
mitre
PUBLISHED
Multiple stored cross-site scripting (XSS) vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, Whats news, or Release note parameters.