CVE 5.1 MEDIUM

Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes_CVE-2026-1960

February 9, 2026 invoker category_cve
5.1 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Description

Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.

Basic Information

ID CVE-2026-1960
Source INCIBE
Published Feb 9, 2026 at 11:41

Affected Product

Vendor Loggro Pymes
Product Loggro Pymes
Affected Versions Loggro Pymes Loggro Pymes 0

CWE Classification

CWE-79

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.