PatchSiren cyber security CVE debrief

CVE-2026-11772 DRIMO CVE debrief

CVE-2026-11772 is a reflected cross-site scripting (XSS) vulnerability in DRIMO CMS. It allows an attacker to craft a URL that, when opened by a victim, executes arbitrary JavaScript in the victim's browser. The product is in the End Of Life phase and will not receive any updates; however, deleting the info.php file mitigates the vulnerability. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 5.1, indicating medium severity. The CVE was published on June 23, 2026, and last modified on June 23, 2026.

Vendor: DRIMO
Product: DRIMO CMS
CVSS: MEDIUM 5.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-23
Original CVE updated: 2026-06-23
Advisory published: 2026-06-23
Advisory updated: 2026-06-23

Who should care

Administrators and users of DRIMO CMS should be aware of this vulnerability, especially since the product is in the End Of Life phase and no vendor fix will be released. Security teams should prioritize mitigation, such as deleting the info.php file, to prevent exploitation.

Technical summary

The vulnerability exists in the search functionality of DRIMO CMS, specifically in the q parameter, whose value is reflected into the page without adequate encoding. An attacker can craft a URL that, when opened by a victim, executes arbitrary JavaScript in the victim's browser. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. The associated weakness is CWE-79 (Improper Neutralization of Input During Web Page Generation, i.e. cross-site scripting).

Defensive priority

Mitigating this vulnerability should be treated as medium priority, with added urgency because the product no longer receives updates. Deleting the info.php file is the recommended mitigation step.

Recommended defensive actions

  • Delete the info.php file to mitigate the vulnerability
  • Review and update any existing security controls to prevent exploitation
  • Monitor for potential attacks and suspicious activity
  • Consider replacing DRIMO CMS with a supported alternative
  • Keep records of affected systems and monitor for potential issues
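The monitoring action above and the technical summary's description of the reflected q parameter can be turned into a concrete log check. The following is an added example, not code from PatchSiren or DRIMO CMS: it scans Apache/nginx "combined"-format access log lines, URL-decodes the q parameter (twice, to catch double-encoding) and flags values containing HTML tags, event-handler attributes or javascript: URIs. The search script path (/search.php), the log format and the sample lines are assumptions and constructed data, not values from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Apache/nginx "combined" log line: client, timestamp, request line, status (assumed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Heuristic markers of HTML/JS injected into a reflected parameter: a tag opener,
# an on*= event-handler attribute, or a javascript: URI. Expect some false positives.
XSS_MARKERS = re.compile(r'<\s*/?\s*[a-z]|on[a-z]+\s*=|javascript\s*:', re.IGNORECASE)


def decoded_param(target, name="q"):
    """Return the URL-decoded value(s) of `name` from a request target, or [] if absent."""
    values = parse_qs(urlsplit(target).query, keep_blank_values=True).get(name, [])
    # parse_qs already decoded once; decode again so double-encoded payloads are visible.
    return [unquote(v) for v in values]


def find_reflected_xss_attempts(log_lines, param="q"):
    """Return (client_ip, timestamp, decoded_value) for each suspicious value of `param`."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        for value in decoded_param(m.group("target"), param):
            if XSS_MARKERS.search(value):
                hits.append((m.group("ip"), m.group("ts"), value))
    return hits


# Constructed sample log lines (not from any real system).
SAMPLE_LOG = [
    '203.0.113.5 - - [23/Jun/2026:10:00:01 +0000] "GET /search.php?q=cms+news HTTP/1.1" 200 512',
    '203.0.113.9 - - [23/Jun/2026:10:00:07 +0000] "GET /search.php?q=%3Cscript%3Ex%3C/script%3E HTTP/1.1" 200 640',
    '203.0.113.9 - - [23/Jun/2026:10:00:09 +0000] "GET /search.php?q=%253Cimg%2520src%253Dx%2520onerror%253Dx%253E HTTP/1.1" 200 640',
    '198.51.100.2 - - [23/Jun/2026:10:01:00 +0000] "GET /info.php HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for ip, ts, value in find_reflected_xss_attempts(SAMPLE_LOG):
        print(f"{ip} {ts} suspicious q={value!r}")
```

Run it against real access logs by replacing SAMPLE_LOG with the file's lines; hits from one client in quick succession are the pattern worth escalating.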

Evidence notes

The CVE record and NVD entry provide the official information about the vulnerability; the source item URL and references add further context. Because the available information is limited, further investigation and a review of existing security controls are recommended.

This article is AI-assisted and based on the supplied source corpus.