CVE-2026-41031

HIGH WAF: High

CVSS 8.7 Published: 2026-06-09

CWE-79

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials.

WAF Coverage Analysis

Cross-Site Scripting (XSS) High WAF Coverage

OWASP: A03:2021 Injection

941xxx - XSS / XXE

References

partner.skilja.com

Back to CVE Database