CVE-2026-27504: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in sa2blv SVXportal
SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in radiomobile_front.php via the stationid query parameter. When an authenticated administrator views a crafted URL, the application embeds the unsanitized parameter value into a hidden input value field, allowing attacker-supplied script injection and execution in the administrator's browser. This can be used to compromise admin sessions or perform unauthorized actions via the administrator's authenticated context.
AI Analysis
Technical Summary
CVE-2026-27504 is a reflected XSS vulnerability in SVXportal (version 2.5 and prior) affecting the radiomobile_front.php page. The issue arises because the stationid query parameter is embedded unsanitized into a hidden input field when viewed by an authenticated administrator. This improper neutralization of input (CWE-79) allows attacker-supplied scripts to execute in the administrator's browser context, potentially compromising admin sessions or enabling unauthorized administrative actions. The vulnerability requires user interaction (administrator visiting a crafted URL) and has no reported exploits or patches at this time.
Potential Impact
Successful exploitation allows an attacker to execute arbitrary scripts in the browser of an authenticated administrator. This can lead to session hijacking or unauthorized actions performed with administrator privileges. The vulnerability is limited to administrators who interact with maliciously crafted URLs. There are no known exploits in the wild, and the vulnerability does not affect unauthenticated users.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should avoid clicking on untrusted or suspicious URLs containing the stationid parameter. Implementing web application firewall (WAF) rules to detect and block malicious input patterns may help mitigate risk. Monitor vendor channels for updates regarding patches or official mitigations.
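To make the defect and its fix concrete, the block below is added example code, not SVXportal's source: a hypothetical reconstruction of the pattern the advisory describes (a GET parameter echoed into a hidden input's value attribute) next to a hardened version that encodes for the attribute context and allow-list validates the id. Function names and the allowed stationid format are assumptions.

```php
<?php
// Added example, not SVXportal's code: hypothetical reconstruction of the
// radiomobile_front.php pattern described in CVE-2026-27504, beside its fix.

// Vulnerable pattern: the raw query value lands inside value="..." unchanged,
// so a double quote in stationid terminates the attribute and the browser
// parses whatever follows as new markup (CWE-79, HTML attribute context).
function render_hidden_stationid_vulnerable(string $stationid): string
{
    return '<input type="hidden" name="stationid" value="' . $stationid . '">';
}

// Hardened pattern: encode for the HTML attribute context. ENT_QUOTES turns
// both " and ' into entities, so the value can never close the attribute;
// < and > are encoded as well, so no tag can be introduced.
function render_hidden_stationid_safe(string $stationid): string
{
    $encoded = htmlspecialchars($stationid, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="hidden" name="stationid" value="' . $encoded . '">';
}

// Defence in depth (assumed format): a station id is a short identifier, so
// reject anything outside an allow-list before it reaches the template.
function validate_stationid(?string $raw): ?string
{
    if ($raw === null || !preg_match('/^[A-Za-z0-9_-]{1,32}$/', $raw)) {
        return null; // caller treats null as "no valid station selected"
    }
    return $raw;
}

// How a request handler would combine both layers (hypothetical usage).
$stationid = validate_stationid($_GET['stationid'] ?? null) ?? '';
echo render_hidden_stationid_safe($stationid), PHP_EOL;

// Constructed input with attribute-breaking characters, to compare the two
// renderers side by side; it is not a real exploit string.
$probe = 'ABC"><i>x</i>';
echo render_hidden_stationid_vulnerable($probe), PHP_EOL;
echo render_hidden_stationid_safe($probe), PHP_EOL;
```

Output encoding at the point of emission is the actual fix; the WAF rule mentioned above only filters obvious patterns and does not address the root cause.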
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulnCheck
- Date Reserved: 2026-02-19T19:51:07.327Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6998c42f2c4d84f260d040ab
Added to database: 2/20/2026, 8:29:35 PM
Last enriched: 5/12/2026, 4:02:02 AM
Last updated: 5/22/2026, 11:01:10 AM