PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-27502 sa2blv CVE debrief

CVE-2026-27502 is a reflected cross-site scripting vulnerability in SVXportal version 2.5 and prior. The vulnerability is located in log.php and is triggered by the search query parameter. The application embeds the unsanitized parameter value directly into an HTML input value attribute, allowing an unauthenticated remote attacker to inject and execute arbitrary JavaScript in a victim's browser if the victim visits a crafted URL.

Vendor
sa2blv
Product
SVXportal
CVSS
MEDIUM 5.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-02-20
Original CVE updated
2026-07-14
Advisory published
2026-02-20
Advisory updated
2026-07-14

Who should care

Users of SVXportal version 2.5 and prior should be aware of this vulnerability and take steps to mitigate it. This vulnerability could allow an attacker to steal session data, perform actions as the victim, or modify displayed content.

Technical summary

The vulnerability is a reflected cross-site scripting (XSS) vulnerability in the log.php file of SVXportal version 2.5 and prior. The vulnerability occurs because the application embeds the unsanitized search query parameter value directly into an HTML input value attribute. This allows an unauthenticated remote attacker to inject and execute arbitrary JavaScript in a victim's browser if the victim visits a crafted URL. The CVSS score for this vulnerability is 5.1, indicating a medium severity.

Defensive priority

Medium priority should be given to remediating this vulnerability, as it could allow an attacker to steal session data, perform actions as the victim, or modify displayed content.

Recommended defensive actions

  • Apply the vendor-provided patch or upgrade to a version of SVXportal that is not vulnerable.
  • Implement input validation and output encoding to prevent XSS attacks.
  • Monitor for suspicious activity and implement compensating controls to detect and prevent exploitation.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-02-20T17:25:56.750Z and was last modified on 2026-07-14T19:16:52.220Z. The NVD entry is currently Analyzed. The vulnerability is described in the NVD detail page and the CVE record.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-02-20T17:25:56.750Z and has not been modified since then. The NVD entry is currently Analyzed.