Description
SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user registration workflow (index.php submitting to admin/user_action.php). User-supplied fields such as Firstname, lastname, and email are stored in the backend database without adequate output encoding and are later rendered in the administrator interface (admin/users.php), allowing an unauthenticated remote attacker to inject arbitrary JavaScript that executes in an administrator's browser upon viewing the affected page.
Published: 2026-02-20
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Client‑side script execution in administrator browsers
Action: Immediate Patch
AI Analysis

Impact

SVXportal versions 2.5 and earlier store user input such as Firstname, Lastname, and Email without proper output encoding. A malicious user can register with specially crafted data that includes JavaScript; when an administrator later views the user list, the stored script runs in the admin's browser. This stored cross-site scripting lets an attacker execute arbitrary JavaScript in the browser session of an authenticated administrator.

Affected Systems

The vulnerability affects the SVXportal application distributed by SA2BLV, specifically all public releases up to and including version 2.5. Admin interfaces rendered by admin/users.php are impacted.

Risk and Exploitability

The CVSS score of 5.1 falls in the medium severity range, and the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. An attacker injects the script by submitting the registration form with malicious input and then waits for an administrator to load the affected admin page. The attacker does not need credentials to insert the payload but depends on an authenticated administrator to render the stored script. Overall risk remains moderate because execution requires an administrator to view the page and the exploit probability is low.

Generated by OpenCVE AI on April 18, 2026 at 11:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade SVXportal to the latest version that includes proper input validation and output escaping for user registration fields.
  • If an upgrade is not immediately possible, apply a temporary measure by sanitizing all user‑supplied data before storage or by stripping HTML tags, and ensure that the admin pages perform output encoding (e.g., using htmlspecialchars) when displaying user information.
  • Immediately remove or edit any existing user records that contain malicious scripts and monitor the system for suspicious registration activity.
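
The output encoding and record review described in the actions above, as an added PHP example. It is not SVXportal code: the column names, the constructed sample rows and the helper names (`e`, `render_user_row`, `find_suspect_rows`) are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed sample rows standing in for records read from the user table.
// Column names are assumptions; the page names only the form fields.
$rows = [
    ['id' => 1, 'firstname' => 'Anna', 'lastname' => "O'Neil", 'email' => 'anna@example.org'],
    ['id' => 2, 'firstname' => '<script>alert(1)</script>', 'lastname' => 'Test', 'email' => 'x@example.org'],
    ['id' => 3, 'firstname' => 'Bo', 'lastname' => 'Ek', 'email' => 'not an email <b>'],
];

/** Encode one value for an HTML text node or a quoted attribute value. */
function e(?string $value): string
{
    // ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE replaces invalid
    // UTF-8 with U+FFFD instead of returning an empty string.
    return htmlspecialchars($value ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render one table row with every user-controlled field encoded at output. */
function render_user_row(array $row): string
{
    return sprintf(
        '<tr><td>%d</td><td>%s</td><td>%s</td><td>%s</td></tr>',
        (int) $row['id'],
        e($row['firstname']),
        e($row['lastname']),
        e($row['email'])
    );
}

/** Return ids of stored rows to review: markup in a name or an invalid email. */
function find_suspect_rows(array $rows): array
{
    $suspect = [];
    foreach ($rows as $row) {
        $hasMarkup = preg_match('/[<>"]/', $row['firstname'] . $row['lastname']) === 1;
        $badEmail  = filter_var($row['email'], FILTER_VALIDATE_EMAIL) === false;
        if ($hasMarkup || $badEmail) {
            $suspect[] = (int) $row['id'];
        }
    }
    return $suspect;
}

foreach ($rows as $row) {
    echo render_user_row($row), PHP_EOL;
}
echo 'Review ids: ', implode(', ', find_suspect_rows($rows)), PHP_EOL;
```

Encoding at output protects the admin page even when a stored record already contains markup; the review function only narrows down which records to inspect and is not a substitute for it.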

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 15:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Sa2blv; Sa2blv svxportal
Vendors & Products | | Sa2blv; Sa2blv svxportal

Mon, 23 Feb 2026 14:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Radioinorr; Radioinorr svxportal
CPEs | | cpe:2.3:a:radioinorr:svxportal:*:*:*:*:*:*:*:*
Vendors & Products | | Radioinorr; Radioinorr svxportal

Fri, 20 Feb 2026 20:30:00 +0000

Type | Values Removed | Values Added
Metrics | | cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Fri, 20 Feb 2026 19:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 20 Feb 2026 17:15:00 +0000

Type | Values Removed | Values Added
Description | | SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user registration workflow (index.php submitting to admin/user_action.php). User-supplied fields such as Firstname, lastname, and email are stored in the backend database without adequate output encoding and are later rendered in the administrator interface (admin/users.php), allowing an unauthenticated remote attacker to inject arbitrary JavaScript that executes in an administrator's browser upon viewing the affected page.
Title | | SVXportal <= 2.5 admin/user_action.php Stored XSS
Weaknesses | | CWE-79
References | |
Metrics | | cvssV4_0: {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-11T23:11:22.808Z

Reserved: 2026-02-19T19:51:07.327Z

Link: CVE-2026-27505

Vulnrichment

Updated: 2026-02-20T19:02:57.784Z

NVD

Status: Analyzed

Published: 2026-02-20T17:25:57.253

Modified: 2026-02-23T13:56:05.413

Link: CVE-2026-27505

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T11:30:44Z

Weaknesses