Stored Cross-Site Scripting in Webremium Istanbul Web Design Product
CVE-2026-3251

6.4MEDIUM

What is CVE-2026-3251?

A stored cross-site scripting vulnerability exists in the Webremium Istanbul Web Design product, specifically in the Mezunum Satiyorum application. This flaw occurs due to improper handling of user input during web page generation, allowing attackers to inject malicious scripts that can be executed within the browser of users visiting the affected site. Versions ranging from 1.2.504 to 10072026 are impacted, which could lead to unauthorized access to sensitive user data and further exploitation. The vendor has been informed about the issue but has not provided any response.

Affected Version(s)

Mezunum Satiyorum 1.2.504 <= 10072026

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Onurcan GENÇ
.