PatchSiren

IngEstate CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM IngEstate CVE published 2026-03-30

CVE-2026-30082

CVE-2026-30082 is a medium-severity vulnerability with a CVSS score of 6.1. Multiple stored cross-site scripting (XSS) vulnerabilities exist in the Edit feature of the Software Package List page of IngEstate Server v11.14.0. Attackers can execute arbitrary web scripts or HTML by injecting crafted payloads into the About application, What's news, or Release note parameters. The CVE record was published on [truncated]