Unrated severityNVD Advisory· Published Mar 9, 2026· Updated Mar 10, 2026

facileManager Affected by Stored Cross-Site Scripting (XSS)

CVE-2026-30919

Description

facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS (also known as persistent or second-order XSS) occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. This vulnerability was found in the fmDNS module. This vulnerability is fixed in 6.0.4.

Affected products

Facilemanager/Facilemanagerllm-fuzzy2 versions
<6.0.4+ 1 more
- (no CPE)range: <6.0.4
- (no CPE)range: 5.4.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/facileManager/facileManager/security/advisories/GHSA-2339-h9qw-q6vfmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000