Unrated severityNVD Advisory· Published Jan 16, 2026· Updated Jan 27, 2026
Stored XSS in Time Entry Audit Trail
CVE-2026-0695
Description
In ConnectWise PSA versions older than 2026.1, Time Entry notes stored in the Time Entry Audit Trail may be rendered without applying output encoding to certain content. Under specific conditions, this may allow stored script code to execute in the context of a user’s browser when the affected content is displayed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2026.1+ 1 more
- (no CPE)range: <2026.1
- (no CPE)range: All versions prior to 2026.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.