HIGH
xibosignage
CVE published 2026-06-10
CVE-2026-42558
CVE-2026-42558 is a vulnerability in the Xibo digital signage platform, which allows users with DataSet permissions to craft malicious messages via the Data Connector functionality. This vulnerability, with a CVSS score of 7.6, was published on 2026-06-10T23:16:46.263Z and modified on 2026-06-11T15:30:51.693Z. The vulnerability is a combination of Stored XSS and Iframe Sandbox escape, enabling attackers t [truncated]