PatchSiren cyber security CVE debrief
CVE-2026-27502 sa2blv CVE debrief
CVE-2026-27502 is a reflected cross-site scripting vulnerability in SVXportal version 2.5 and prior. The vulnerability is located in log.php and is triggered by the search query parameter. The application embeds the unsanitized parameter value directly into an HTML input value attribute, allowing an unauthenticated remote attacker to inject and execute arbitrary JavaScript in a victim's browser if the victim visits a crafted URL.
- Vendor
- sa2blv
- Product
- SVXportal
- CVSS
- MEDIUM 5.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-20
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-02-20
- Advisory updated
- 2026-07-14
Who should care
Users of SVXportal version 2.5 and prior should be aware of this vulnerability and take steps to mitigate it. This vulnerability could allow an attacker to steal session data, perform actions as the victim, or modify displayed content.
Technical summary
The vulnerability is a reflected cross-site scripting (XSS) vulnerability in the log.php file of SVXportal version 2.5 and prior. The vulnerability occurs because the application embeds the unsanitized search query parameter value directly into an HTML input value attribute. This allows an unauthenticated remote attacker to inject and execute arbitrary JavaScript in a victim's browser if the victim visits a crafted URL. The CVSS score for this vulnerability is 5.1, indicating a medium severity.
Defensive priority
Medium priority should be given to remediating this vulnerability, as it could allow an attacker to steal session data, perform actions as the victim, or modify displayed content.
Recommended defensive actions
- Apply the vendor-provided patch or upgrade to a version of SVXportal that is not vulnerable.
- Implement input validation and output encoding to prevent XSS attacks.
- Monitor for suspicious activity and implement compensating controls to detect and prevent exploitation.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
Evidence notes
The CVE record was published on 2026-02-20T17:25:56.750Z and was last modified on 2026-07-14T19:16:52.220Z. The NVD entry is currently Analyzed. The vulnerability is described in the NVD detail page and the CVE record.
Official resources
-
CVE-2026-27502 CVE record
CVE.org
-
CVE-2026-27502 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
[email protected] - Product
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-02-20T17:25:56.750Z and has not been modified since then. The NVD entry is currently Analyzed.