Cross-Site Scripting Vulnerability in ValeApp by OceanicSoft Informatics Systems Ltd
CVE-2026-2342
9.3CRITICAL
Key Information:
- Status
- Vendor
- CVE Published:
- 9 July 2026
What is CVE-2026-2342?
A cross-site scripting vulnerability exists in ValeApp, developed by OceanicSoft Informatics Systems Ltd. This flaw arises from improper handling of user input, allowing an attacker to inject and store malicious scripts in the application. When untrusted users view the affected web pages, these scripts are executed in their browsers, potentially leading to unauthorized actions or data theft. The issue is particularly concerning as the vendor has not responded to disclosure efforts, thereby leaving users at risk. Users are advised to review their application's input validation procedures and implement necessary patches as they become available.
Affected Version(s)
ValeApp 0 <= 09072026
