XSS in Loggro Pymes
CVE-2026-1960
Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, via the 'Facebook' parameter in '/loggrodemo/jbrain/ConsultaTerceros' endpoint.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.004 (32.2th percentile) — read the EPSS interpretation.
Affected products
- Loggro Pymes — versions 0
Weakness classification (CWE)
References
- cve-coordination@incibe.es (patch)