Description
SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user profile update workflow (user_settings.php submitting to admin/update_user.php). Authenticated users can store malicious HTML/JavaScript in fields such as Firstname, lastname, email, and image_url, which are later rendered without adequate output encoding in the administrator interface (admin/users.php), resulting in JavaScript execution in an administrator's browser when the affected page is viewed.
Published: 2026-02-20
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored cross‑site scripting allowing script execution in an administrator's browser
Action: Patch/Update
AI Analysis

Impact

A stored cross-site scripting flaw exists in SVXportal 2.5 and earlier. The profile fields Firstname, lastname, email, and image_url accept user input that is later rendered without proper output encoding in the administrator views. If an attacker injects malicious JavaScript into one of these fields, it executes when an administrator opens the affected page, potentially granting control over the admin's browser session.

Affected Systems

The vulnerability affects the SVXportal application provided by sa2blv. All releases up to and including version 2.5 are susceptible. No specific sub‑versions are highlighted beyond the version ceiling of 2.5.

Risk and Exploitability

The CVSS score of 5.1 indicates moderate severity. EPSS is listed as less than 1%, implying a very low probability of exploitation, and the vulnerability is not part of the CISA KEV catalog. The attack vector requires the attacker to be an authenticated user, meaning prior compromise or social engineering to gain user credentials is necessary. Once authenticated, the attacker can store payloads in the indicated fields; these payloads will then be executed in any administrator's browser that views the edited user profile. The impact is confined to the browser environment of the admin and does not provide system‑wide code execution or other privilege escalation beyond the browser context.

Generated by OpenCVE AI on April 17, 2026 at 17:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to a version of SVXportal newer than 2.5 if available from the vendor
  • Implement server‑side input validation or output encoding on user profile fields to prevent XSS
  • Configure web application firewall rules to detect and block suspicious script payloads in user profile submissions
  • For environments where a direct update is not possible, restrict access to the admin/update_user.php endpoint to trusted users and monitor for unusual input patterns
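The output-encoding mitigation from the list above, as an added example that is not SVXportal's code: it assumes a PHP admin user listing using the field names from the advisory, and the `$sample` record is constructed for illustration.

```php
<?php
// Added example (not SVXportal's own code): encode user-supplied profile
// fields at the point of output in an admin user listing. Field names
// follow the advisory (firstname, lastname, email, image_url); the
// $sample array below is constructed, not data from the application.
declare(strict_types=1);

/** HTML-encode a value for text or attribute context (quotes included). */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/**
 * image_url lands in a src attribute, where encoding alone is not enough:
 * a javascript: URL is still executable after entity encoding. Accept only
 * absolute http(s) URLs with a host and drop anything else.
 */
function safeImageUrl(string $url): string
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return '';
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return '';
    }
    return $url;
}

/** Render one table row; every field is encoded as it is written out. */
function renderUserRow(array $user): string
{
    $img = safeImageUrl((string) ($user['image_url'] ?? ''));
    $imgTag = $img === '' ? '' : '<img src="' . h($img) . '" alt="">';
    return '<tr>'
        . '<td>' . h((string) ($user['firstname'] ?? '')) . '</td>'
        . '<td>' . h((string) ($user['lastname'] ?? '')) . '</td>'
        . '<td>' . h((string) ($user['email'] ?? '')) . '</td>'
        . '<td>' . $imgTag . '</td>'
        . '</tr>';
}

// Constructed sample: a profile carrying markup in a text field, an
// attribute-breaking quote in the email, and a javascript: image URL.
$sample = [
    'firstname' => '<b>first</b>',
    'lastname'  => 'Doe',
    'email'     => 'x" onmouseover="y',
    'image_url' => 'javascript:void(0)',
];
echo renderUserRow($sample), PHP_EOL;
```

The same `h()` wrapper belongs on every echo of profile data in admin/users.php; the URL check is needed only for fields that end up in `src`, `href` or similar URL-bearing attributes.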

Tracking

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 15:00:00 +0000

Type: First Time appeared
Values Added: Sa2blv, Sa2blv svxportal
Type: Vendors & Products
Values Added: Sa2blv, Sa2blv svxportal

Mon, 23 Feb 2026 14:00:00 +0000

Type: First Time appeared
Values Added: Radioinorr, Radioinorr svxportal
Type: CPEs
Values Added: cpe:2.3:a:radioinorr:svxportal:*:*:*:*:*:*:*:*
Type: Vendors & Products
Values Added: Radioinorr, Radioinorr svxportal

Fri, 20 Feb 2026 20:30:00 +0000

Type: Metrics (cvssV3_1)
Values Added: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

Fri, 20 Feb 2026 19:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Feb 2026 17:15:00 +0000

Type: Description
Values Added: SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user profile update workflow (user_settings.php submitting to admin/update_user.php). Authenticated users can store malicious HTML/JavaScript in fields such as Firstname, lastname, email, and image_url, which are later rendered without adequate output encoding in the administrator interface (admin/users.php), resulting in JavaScript execution in an administrator's browser when the affected page is viewed.
Type: Title
Values Added: SVXportal <= 2.5 Profile Update Stored XSS
Type: Weaknesses
Values Added: CWE-79
Type: References
Type: Metrics (cvssV4_0)
Values Added: {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N'}

Subscriptions

Radioinorr Svxportal
Sa2blv Svxportal
MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-02-20T20:13:00.145Z

Reserved: 2026-02-19T19:51:07.327Z

Link: CVE-2026-27506

Vulnrichment

Updated: 2026-02-20T18:56:50.914Z

NVD

Status : Analyzed

Published: 2026-02-20T17:25:57.410

Modified: 2026-02-23T13:55:30.903

Link: CVE-2026-27506

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T17:30:23Z

Weaknesses