XSS in Soplanning

CVE-2026-40545

SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SO…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (23.0th percentile) — read the EPSS interpretation.