NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2026-1493

概要	LEX Baza Dokumentów is vulnerable to DOM-based XSS in "em" cookie parameter. The application unsafely processes the parameter on the client side, allowing an attacker to execute arbitrary JavaScript in the context of the victim's browser. An attacker with ability to set a cookie can perform a more severe attack, so we evaluate the impact and risk of exploitation as minimal. However, the vendor considered this a vulnerability and released a security patch. This issue was fixed in version 1.3.4.
公表日	2026年4月30日21:16
登録日	2026年5月1日4:07
最終更新日	2026年5月1日0:48

関連情報、対策とツール

No	URL	refsource	タグ
1	https://cert.pl/posts/2026/04/CVE-2025-1493	cvd@cert.pl
2	https://www.wolterskluwer.com/pl-pl/solutions/lex-baza-dokumentow	cvd@cert.pl

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html