MEDIUM
Allegra
CVE published 2026-06-13
CVE-2026-11443
CVE-2026-11443 is a Cross-Site Scripting (XSS) Authentication Bypass Vulnerability in the Allegra software. The vulnerability exists within the downloadAttachment method and results from the lack of proper validation of user-supplied data. This allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability, as the target [truncated]