HIGHCVE-2026-5784Published Modified CNA TR-CERT
CVE-2026-5784: Stored XSS in DivvyDrive Information Technologies' DivvyDrive
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.
Metrics
- CVSS v3.1
- 8.8
- Severity
- HIGH
- Fixed in
- 4.8.3.2
- Affected Products
- 1
Fix available
4.8.3.2
Affected packages
- DivvyDrive Information Technologies Inc. / DivvyDrive< 4.8.3.2 (from 4.8.2.9)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences