CVE-2026-27787

MEDIUM CVSS 5.4 View on NVD ↗

Description

Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References

https://jvn.jp/en/jp/JVN33581068/
https://oss.icz.co.jp/news/?p=1388

Published: Apr 08, 2026 06:16 UTC Modified: Apr 08, 2026 21:26 UTC