CVE Catalog

CVE-2026-54192

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Summary

Popup box versions up to 6.2.9 are vulnerable to unauthenticated Cross Site Scripting (XSS). An attacker can exploit this vulnerability to inject malicious scripts.

Risk Assessment

This vulnerability may lead to user data theft or session hijacking, posing a serious security threat to the application.

Recommendation

It is recommended to upgrade to the latest version of Popup box to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated Cross Site Scripting (XSS) in Popup box <= 6.2.9 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS