CVE Catalog
CVE-2026-57325
HighCVSS 7.1Summary
The vulnerability allows an unauthenticated attacker to inject malicious script (XSS) in NanoMag version 1.8 and earlier. The attack can be performed without authentication, increasing the risk for users.
Risk Assessment
The risk involves potential session theft, redirection to malicious sites, or other actions in the victim's browser context, which may lead to data confidentiality breaches.
Recommendation
It is recommended to immediately update to the latest version of NanoMag that fixes this vulnerability. If an update is not available, apply temporary mitigations such as input filtering.
Original NVD description (English source)
Unauthenticated Cross Site Scripting (XSS) in NanoMag <= 1.8 versions.

