Wirtualna Uczelnia

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-34906	Wirtualna Uczelnia Wirtualna Uczelnia	Cri	0.60	—	—		Jun 2, 2026	Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template…
CVE-2026-34907	Wirtualna Uczelnia Wirtualna Uczelnia	Med	0.33	—	—		Jun 2, 2026	Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting (XSS) due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim…

CVE-2026-34906CriJun 2, 2026
Wirtualna Uczelnia
Wirtualna Uczelnia
risk 0.60cvss —epss —
Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter, insufficient input validation permits injection of arbitrary template…
CVE-2026-34907MedJun 2, 2026
Wirtualna Uczelnia
Wirtualna Uczelnia
risk 0.33cvss —epss —
Wirtualna Uczelnia is vulnerable to Reflected Cross‑Site Scripting (XSS) due to insecure handling of the locale parameter across multiple endpoints. An attacker can craft a malicious URL with JavaScript embedded in the locale parameter and send it to a victim. When the victim…