MEDIUM
IngEstate
CVE published 2026-03-30
CVE-2026-30082
CVE-2026-30082 is a medium-severity vulnerability with a CVSS score of 6.1. Multiple stored cross-site scripting (XSS) vulnerabilities exist in the Edit feature of the Software Package List page of IngEstate Server v11.14.0. Attackers can execute arbitrary web scripts or HTML by injecting crafted payloads into the About application, What's news, or Release note parameters. The CVE record was published on [truncated]