VYPR
Unrated severityNVD Advisory· Published Mar 16, 2026· Updated Mar 16, 2026

Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web

CVE-2026-3024

Description

Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wakyma/Wakymallm-fuzzy
  • Wakyma/Wakyma application webv5
    Range: all versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2026-3024 · VYPR