CVE-2026-32774
MEDIUM WAF: High
CVSS 5.4
Published: 2026-03-16
CWE-79
Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through comments to execute arbitrary JavaScript in victims' browsers.
WAF Coverage Analysis
Cross-Site Scripting (XSS)
High WAF Coverage
OWASP: A03:2021 Injection
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| vulnogram | vulnogram | 1.0.0 |
References
- github.com (Product)
- github.com (Broken Link)
- www.vulncheck.com (Third Party Advisory)
- github.com (Patch)