MEDIUM
DRIMO
CVE published 2026-06-23
CVE-2026-11772
CVE-2026-11772 is a Reflected XSS vulnerability in DRIMO CMS, which allows an attacker to prepare a URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. The product is in the End Of Life phase and will not receive any updates. However, deleting the info.php file mitigates the vulnerability. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is [truncated]