XSS in Plunet Businessmanager

CVE-2026-2337

A vulnerability in Plunet Plunet BusinessManager allows session hijacking, data theft, unauthorized actions on behalf of the user.This issue affects Plunet BusinessManager: 10.15.1.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (25.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References