XSS in Plunet Businessmanager
CVE-2026-2337
A vulnerability in Plunet Plunet BusinessManager allows session hijacking, data theft, unauthorized actions on behalf of the user.This issue affects Plunet BusinessManager: 10.15.1.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (25.9th percentile) — read the EPSS interpretation.
Affected products
- Plunet Businessmanager — versions 10.15.1, 10.22.3