Cross-Site Scripting Vulnerability in DivvyDrive by DivvyDrive Information Technologies
CVE-2026-5784

8.8HIGH

Key Information:

Vendor: Divvydrive Information Technologies Inc.
Status: Divvydrive
Vendor: CVE Published:; 7 May 2026

🔔 Create Divvydrive Information Technologies Inc. Vulnerability Alert

What is CVE-2026-5784?

A cross-site scripting vulnerability exists in DivvyDrive, affecting versions from 4.8.2.9 up to, but not including, 4.8.3.2. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. By exploiting this flaw, an attacker could potentially perform actions on behalf of users, compromise user accounts, or expose sensitive information. It highlights the necessity for proper input validation and output encoding to safeguard web applications.

Affected Version(s)

DivvyDrive 4.8.2.9 < 4.8.3.2

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...

government-resource

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2026
Vulnerability Reserved
Apr 8, 2026

Credit

Alperen KESKİN

CVE-2026-5784 Data

JSON