CVE-2026-29969

216.73.217.22

· Published 26/03/2026 19:16 · Modified 26/03/2026 19:16

Labels: CVE-2026-29969 2026-03-26 CVE-2026-29969 [email protected]

Essential information

Published: 26/03/2026 19:16
Modified: 26/03/2026 19:16
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted HTTP request.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
staffwiki / staffwiki	`cpe:2.3:a:staffwiki:staffwiki:7.0.1.19219:::::::*`

CVE-2026-29969

Essential information

Description

NVD status

Affected products (CPE)

References