CVE Catalog

CVE-2026-54477

Medium · CVSS 5.4
Published: Translated: NVD NIST

Summary

The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.

Risk Assessment

Missing security headers expose the organization to session hijacking and unauthorized actions within the admin panel.

Recommendation

Configure the web server or application to include security headers such as X-Frame-Options, Content-Security-Policy, and X-XSS-Protection.

Original NVD description (English source)

The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS