Unrated severityNVD Advisory· Published Oct 31, 2022· Updated May 6, 2025
e-Excellence Inc. U-Office Force - Stored XSS
CVE-2022-39026
Description
U-Office Force UserDefault page has insufficient filtering for special characters in the HTTP header fields. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform XSS (Stored Cross-Site Scripting) attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.