Cross-Site Scripting Vulnerability in Inrove Software BiEticaret
CVE-2026-5793

6.1MEDIUM

What is CVE-2026-5793?

A cross-site scripting vulnerability exists in Inrove Software's BiEticaret, which improperly neutralizes input during web page generation. This flaw allows attackers to execute malicious scripts in the context of a user's browser session, potentially leading to credential theft and session hijacking. The vulnerability impacts versions of BiEticaret prior to v3.3.57. Users are advised to upgrade to the latest version to mitigate this risk.

Affected Version(s)

BiEticaret 0

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ferit Ă–ZNER
.