CVE Catalog

CVE-2026-57319

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Summary

An unauthenticated Cross Site Scripting (XSS) vulnerability exists in FOX versions 1.4.8 and earlier. It allows a remote attacker to inject malicious script without authentication.

Risk Assessment

An attacker can steal user sessions, redirect users to malicious sites, or perform other actions in the victim's browser context, leading to confidentiality and integrity breaches.

Recommendation

Immediately upgrade FOX to a version later than 1.4.8 that includes a fix for the XSS vulnerability.

Original NVD description (English source)

Unauthenticated Cross Site Scripting (XSS) in FOX <= 1.4.8 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS