<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Mon, 13 Jul 2026 02:27:21 +0000</lastBuildDate>
    <item>
      <title>34e4b320-c820-4ff6-a026-94d690a1f76d</title>
      <link>https://vulnerability.circl.lu/sighting/34e4b320-c820-4ff6-a026-94d690a1f76d/export</link>
      <description>{"uuid": "34e4b320-c820-4ff6-a026-94d690a1f76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55793", "type": "seen", "source": "https://gist.github.com/alon710/1b2e654724e66f79f392f0bd62b60dc4", "content": "# CVE-2026-55793: CVE-2026-55793: Stored DOM-Based Cross-Site Scripting in Craft CMS ElementTableSorter\n\n&amp;gt; **CVSS Score:** 5.9\n&amp;gt; **Published:** 2026-07-06\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-55793\n\n## Summary\nCVE-2026-55793 is a DOM-based Stored Cross-Site Scripting (XSS) vulnerability affecting Craft CMS versions 5.0.0-RC1 through 5.9.22. An authenticated user with minimum Author privileges can store a malicious payload in an entry's title. When an administrator or high-privileged user performs a drag-and-drop operation under the modified entry in the structure table view, the unescaped payload is retrieved and concatenated into raw HTML, resulting in arbitrary JavaScript execution within the context of the administrative session.\n\n## TL;DR\nA DOM-based Stored XSS in Craft CMS (5.0.0-RC1 to 5.9.22) allows low-privileged authors to execute arbitrary JavaScript in admin sessions when admins perform drag-and-drop operations on affected entry structures.\n\n## Technical Details\n\n- **CWE ID**: CWE-79\n- **Attack Vector**: Network\n- **CVSS Base Score**: 5.9 (Medium) - CVSS v4.0\n- **EPSS Score**: 0.00412\n- **Impact**: High Integrity Compromise (Session Takeover / Privilege Escalation)\n- **Exploit Status**: Proof-of-Concept / Technical Analysis Available\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- Craft CMS\n- **cms**: &amp;gt;= 5.0.0-RC1, &amp;lt;= 5.9.22 (Fixed in: `5.9.23`)\n\n## Mitigation\n\n- Upgrade Craft CMS instances to version 5.9.23 or higher.\n- Restrict 'saveEntries' and structure management privileges to trusted administrative accounts.\n- Deploy Web Application Firewall (WAF) filters to monitor entry saving actions for event handlers inside text properties.\n\n**Remediation Steps:**\n1. Navigate to the root directory of the Craft CMS deployment.\n2. Execute the dependency manager update command: composer update craftcms/cms.\n3. Verify the installed version is 5.9.23 or above using: php craft help.\n4. Clear the compiled control panel resource cache to force loading of the updated ElementTableSorter.js asset.\n\n## References\n\n- [Craft CMS GitHub Fix Commit](https://github.com/craftcms/cms/commit/162321e899cc97517fb6f5a02b5528f549d0c6cc)\n- [Craft CMS GitHub Security Advisory](https://github.com/craftcms/cms/security/advisories/GHSA-xrqc-p465-2xvg)\n- [CVE-2026-55793 CVE Record](https://www.cve.org/CVERecord?id=CVE-2026-55793)\n- [Wiz Vulnerability Database Advisory](https://www.wiz.io/vulnerability-database/cve/cve-2026-55793)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-55793) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-07T01:42:10.898157Z"}</description>
      <content:encoded>{"uuid": "34e4b320-c820-4ff6-a026-94d690a1f76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55793", "type": "seen", "source": "https://gist.github.com/alon710/1b2e654724e66f79f392f0bd62b60dc4", "content": "# CVE-2026-55793: CVE-2026-55793: Stored DOM-Based Cross-Site Scripting in Craft CMS ElementTableSorter\n\n&amp;gt; **CVSS Score:** 5.9\n&amp;gt; **Published:** 2026-07-06\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-55793\n\n## Summary\nCVE-2026-55793 is a DOM-based Stored Cross-Site Scripting (XSS) vulnerability affecting Craft CMS versions 5.0.0-RC1 through 5.9.22. An authenticated user with minimum Author privileges can store a malicious payload in an entry's title. When an administrator or high-privileged user performs a drag-and-drop operation under the modified entry in the structure table view, the unescaped payload is retrieved and concatenated into raw HTML, resulting in arbitrary JavaScript execution within the context of the administrative session.\n\n## TL;DR\nA DOM-based Stored XSS in Craft CMS (5.0.0-RC1 to 5.9.22) allows low-privileged authors to execute arbitrary JavaScript in admin sessions when admins perform drag-and-drop operations on affected entry structures.\n\n## Technical Details\n\n- **CWE ID**: CWE-79\n- **Attack Vector**: Network\n- **CVSS Base Score**: 5.9 (Medium) - CVSS v4.0\n- **EPSS Score**: 0.00412\n- **Impact**: High Integrity Compromise (Session Takeover / Privilege Escalation)\n- **Exploit Status**: Proof-of-Concept / Technical Analysis Available\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- Craft CMS\n- **cms**: &amp;gt;= 5.0.0-RC1, &amp;lt;= 5.9.22 (Fixed in: `5.9.23`)\n\n## Mitigation\n\n- Upgrade Craft CMS instances to version 5.9.23 or higher.\n- Restrict 'saveEntries' and structure management privileges to trusted administrative accounts.\n- Deploy Web Application Firewall (WAF) filters to monitor entry saving actions for event handlers inside text properties.\n\n**Remediation Steps:**\n1. Navigate to the root directory of the Craft CMS deployment.\n2. Execute the dependency manager update command: composer update craftcms/cms.\n3. Verify the installed version is 5.9.23 or above using: php craft help.\n4. Clear the compiled control panel resource cache to force loading of the updated ElementTableSorter.js asset.\n\n## References\n\n- [Craft CMS GitHub Fix Commit](https://github.com/craftcms/cms/commit/162321e899cc97517fb6f5a02b5528f549d0c6cc)\n- [Craft CMS GitHub Security Advisory](https://github.com/craftcms/cms/security/advisories/GHSA-xrqc-p465-2xvg)\n- [CVE-2026-55793 CVE Record](https://www.cve.org/CVERecord?id=CVE-2026-55793)\n- [Wiz Vulnerability Database Advisory](https://www.wiz.io/vulnerability-database/cve/cve-2026-55793)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-55793) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-07T01:42:10.898157Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/34e4b320-c820-4ff6-a026-94d690a1f76d/export</guid>
      <pubDate>Tue, 07 Jul 2026 01:42:10 +0000</pubDate>
    </item>
    <item>
      <title>56d35e45-76a5-4d64-9195-2216c720b08d</title>
      <link>https://vulnerability.circl.lu/sighting/56d35e45-76a5-4d64-9195-2216c720b08d/export</link>
      <description>{"uuid": "56d35e45-76a5-4d64-9195-2216c720b08d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55793", "type": "published-proof-of-concept", "source": "https://github.com/craftcms/cms/security/advisories/GHSA-xrqc-p465-2xvg", "content": "", "creation_timestamp": "2026-07-06T22:35:07.514024Z"}</description>
      <content:encoded>{"uuid": "56d35e45-76a5-4d64-9195-2216c720b08d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-55793", "type": "published-proof-of-concept", "source": "https://github.com/craftcms/cms/security/advisories/GHSA-xrqc-p465-2xvg", "content": "", "creation_timestamp": "2026-07-06T22:35:07.514024Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/56d35e45-76a5-4d64-9195-2216c720b08d/export</guid>
      <pubDate>Mon, 06 Jul 2026 22:35:07 +0000</pubDate>
    </item>
    <item>
      <title>d89a2536-ae66-4ec0-a221-d9682b6b7cce</title>
      <link>https://vulnerability.circl.lu/sighting/d89a2536-ae66-4ec0-a221-d9682b6b7cce/export</link>
      <description>{"uuid": "d89a2536-ae66-4ec0-a221-d9682b6b7cce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55793", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpoaley52l2b", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55793 \u0432 Craft CMS: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/791437DA-AF6B-47B3-BD54-B2E5E2D88E74", "creation_timestamp": "2026-07-02T14:29:28.373181Z"}</description>
      <content:encoded>{"uuid": "d89a2536-ae66-4ec0-a221-d9682b6b7cce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-55793", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpoaley52l2b", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-55793 \u0432 Craft CMS: \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/791437DA-AF6B-47B3-BD54-B2E5E2D88E74", "creation_timestamp": "2026-07-02T14:29:28.373181Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d89a2536-ae66-4ec0-a221-d9682b6b7cce/export</guid>
      <pubDate>Thu, 02 Jul 2026 14:29:28 +0000</pubDate>
    </item>
  </channel>
</rss>
