Description
SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in radiomobile_front.php via the stationid query parameter. When an authenticated administrator views a crafted URL, the application embeds the unsanitized parameter value into a hidden input value field, allowing attacker-supplied script injection and execution in the administrator's browser. This can be used to compromise admin sessions or perform unauthorized actions via the administrator's authenticated context.
Published: 2026-02-20
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege escalation via reflected XSS in the administrator context
Action: Immediate Patch
AI Analysis

Impact

SVXportal versions 2.5 and earlier contain a reflected cross-site scripting flaw in the radiomobile_front.php page. The stationid query parameter is inserted into a hidden input field without sanitization, allowing an attacker to inject script that runs in the browser of any authenticated administrator who visits a crafted link. This can lead to session hijacking or the execution of arbitrary actions in the administrator’s authenticated context, compromising the integrity and confidentiality of system management functions.

Affected Systems

The affected product is SVXportal, a radio management application sold by sa2blv. Versions 2.5 and earlier are vulnerable; there is no indication that later releases address the flaw. The vulnerability is reached through radiomobile_front.php whenever the stationid query parameter is present in the request.

Risk and Exploitability

The CVSS score of 5.1 indicates moderate severity, and the EPSS score of less than 1% suggests a low but non-zero likelihood of exploitation. The flaw is not currently listed in CISA’s KEV catalog. Exploitation requires an attacker to lure or trick an authenticated administrator into visiting a malicious URL, after which the embedded script executes with the administrator’s privileges. While a successful attack depends on an administrator following the link, the impact on a compromised admin session can be severe.

Generated by OpenCVE AI on April 17, 2026 at 17:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-supplied patch or upgrade SVXportal beyond version 2.5 to eliminate the reflected XSS vulnerability.
  • If a patch is not available, modify radiomobile_front.php to validate and encode any user-supplied stationid value before embedding it in the hidden input field.
  • Restrict direct access to radiomobile_front.php by ensuring that only authorized administrative sessions can request this page, and consider adding an additional anti-XSS filter or content security policy.
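As an added illustration of the second recommendation (example code written for this record, not SVXportal's own source, which the record does not show): a hypothetical reconstruction of the unsafe reflection pattern beside a validate-then-encode version. The allow-list format assumed for stationid is a placeholder and must be adapted to the real identifier scheme.

```php
<?php
// Added example, not SVXportal code. Reconstructs the pattern the advisory
// describes (query value dropped into a hidden input's value attribute) and
// shows the hardened form: allow-list validation, then attribute encoding.

// Unsafe pattern (as described in the advisory): raw query value reflected.
function render_hidden_unsafe(array $query): string
{
    $stationid = $query['stationid'] ?? '';
    return '<input type="hidden" name="stationid" value="' . $stationid . '">';
}

// Step 1: validate against an allow-list. The format is an assumption
// (1-32 letters, digits, '-' or '_'); adjust to the real stationid scheme.
function validate_stationid(string $raw): ?string
{
    return preg_match('/^[A-Za-z0-9_-]{1,32}$/', $raw) === 1 ? $raw : null;
}

// Step 2: encode for the HTML attribute context. ENT_QUOTES covers both
// quote styles so the value cannot terminate the attribute; ENT_SUBSTITUTE
// avoids silently returning '' on invalid UTF-8.
function encode_attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Hardened pattern: reject invalid ids (serve a 400 in the real page) and
// never echo the offending value back; encode even the validated value.
function render_hidden_safe(array $query): ?string
{
    $stationid = validate_stationid((string)($query['stationid'] ?? ''));
    if ($stationid === null) {
        return null;
    }
    return '<input type="hidden" name="stationid" value="' . encode_attr($stationid) . '">';
}

// Constructed self-check with sample values (not from the advisory).
function check(bool $ok, string $what): void
{
    if (!$ok) { fwrite(STDERR, "FAILED: $what\n"); exit(1); }
}
$benign  = ['stationid' => 'SM0ABC-R'];   // constructed, passes the allow-list
$hostile = ['stationid' => 'a"b<c'];      // constructed, attribute-breaking chars
check(render_hidden_safe($benign) === '<input type="hidden" name="stationid" value="SM0ABC-R">', 'benign id rendered');
check(render_hidden_safe($hostile) === null, 'hostile id rejected');
check(encode_attr('a"b<c') === 'a&quot;b&lt;c', 'encoding neutralises quote and bracket');
check(strpos(render_hidden_unsafe($hostile), '"b<c') !== false, 'unsafe form reflects raw value');
echo "checks passed\n";
```

Run with `php example.php`; the last check documents why validation alone is not enough if the unsafe rendering path is left in place.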

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Sa2blv
Sa2blv svxportal
Vendors & Products Sa2blv
Sa2blv svxportal

Mon, 23 Feb 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Radioinorr
Radioinorr svxportal
CPEs cpe:2.3:a:radioinorr:svxportal:*:*:*:*:*:*:*:*
Vendors & Products Radioinorr
Radioinorr svxportal

Fri, 20 Feb 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 20 Feb 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Fri, 20 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Description SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in radiomobile_front.php via the stationid query parameter. When an authenticated administrator views a crafted URL, the application embeds the unsanitized parameter value into a hidden input value field, allowing attacker-supplied script injection and execution in the administrator's browser. This can be used to compromise admin sessions or perform unauthorized actions via the administrator's authenticated context.
Title SVXportal <= 2.5 radiomobile_front.php stationid Reflected XSS
Weaknesses CWE-79
References
Metrics cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-02-20T20:12:32.368Z

Reserved: 2026-02-19T19:51:07.327Z

Link: CVE-2026-27504

Vulnrichment

Updated: 2026-02-20T19:37:06.401Z

NVD

Status : Analyzed

Published: 2026-02-20T17:25:57.087

Modified: 2026-02-23T13:57:52.463

Link: CVE-2026-27504

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T17:30:23Z

Weaknesses