PatchSiren cyber security CVE debrief
CVE-2026-50592 Znuny CVE debrief
CVE-2026-50592 is a reflected XSS vulnerability in the AdminCommunicationLog view of Znuny LTS before 6.5.21 and Znuny before 7.3.3. The vulnerability has a CVSS score of 6.4 and a severity of MEDIUM. It was published on 2026-06-05T02:17:14.350Z and modified on 2026-06-05T14:59:31.207Z.
- Vendor
- Znuny
- Product
- Znuny
- CVSS
- MEDIUM 6.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-05
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-06-05
- Advisory updated
- 2026-06-05
Who should care
Users of Znuny LTS before 6.5.21 and Znuny before 7.3.3 should apply the necessary patches to prevent exploitation of this vulnerability.
Technical summary
The vulnerability is a reflected XSS in the AdminCommunicationLog view of Znuny LTS and Znuny. This type of vulnerability occurs when user input is reflected back to the user without proper sanitization, allowing an attacker to inject malicious code.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches for Znuny LTS 6.5.21 and Znuny 7.3.3 or later.
- Ensure that user input is properly sanitized in the AdminCommunicationLog view.
Evidence notes
The CVE record and NVD detail can be found at [cve-org] and [nvd], respectively. Additional information is available at [ref-4].
Official resources
-
CVE-2026-50592 CVE record
CVE.org
-
CVE-2026-50592 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-50592 was published on 2026-06-05T02:17:14.350Z and modified on 2026-06-05T14:59:31.207Z.