VYPR
← All advisories
Medium severity6.5NVD Advisory· Published Apr 11, 2026· Updated Apr 17, 2026

CVE-2026-23900

CVE-2026-23900

Description

Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered.

Affected products

2
  • Phoca/Maps2 versions
    cpe:2.3:a:phoca:maps:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phoca:maps:*:*:*:*:*:*:*:*range: >=5.0.0,<=6.0.2
    • (no CPE)range: 5.0.0-6.0.2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.