CVE Catalog
CVE-2026-57319
HighCVSS 7.1Summary
An unauthenticated Cross Site Scripting (XSS) vulnerability exists in FOX versions 1.4.8 and earlier. It allows a remote attacker to inject malicious script without authentication.
Risk Assessment
An attacker can steal user sessions, redirect users to malicious sites, or perform other actions in the victim's browser context, leading to confidentiality and integrity breaches.
Recommendation
Immediately upgrade FOX to a version later than 1.4.8 that includes a fix for the XSS vulnerability.
Original NVD description (English source)
Unauthenticated Cross Site Scripting (XSS) in FOX <= 1.4.8 versions.

