CVE-2026-30252: n/a
CVE-2026-30252 is a medium severity vulnerability involving multiple reflected cross-site scripting (XSS) flaws in the login. php endpoint of Interzen Consulting S. r. l ZenShare Suite v17. 0. Attackers can exploit crafted URLs injecting malicious JavaScript via the codice_azienda and red_url parameters, potentially executing scripts in the context of the user's browser. The vulnerability has a CVSS score of 6. 1, indicating moderate impact on confidentiality and integrity without affecting availability. No official patch or vendor advisory is currently available, and no known exploits in the wild have been reported.
AI Analysis
Technical Summary
This vulnerability consists of multiple reflected XSS issues in the login.php endpoint of ZenShare Suite v17.0 by Interzen Consulting S.r.l. Specifically, the codice_azienda and red_url URL parameters do not properly sanitize user input, allowing attackers to inject arbitrary JavaScript code. When a user accesses a crafted URL containing these malicious parameters, the injected script executes in the user's browser context, potentially leading to information disclosure or session manipulation. The CVSS 3.1 vector indicates the attack requires no privileges, has low attack complexity, user interaction is required, and the impact affects confidentiality and integrity with no impact on availability.
Potential Impact
Successful exploitation allows attackers to execute arbitrary JavaScript in the victim's browser, which can lead to theft of sensitive information such as session tokens or user data, and manipulation of the user interface. However, the vulnerability does not impact system availability. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when clicking on URLs targeting the login.php endpoint with codice_azienda and red_url parameters. Implementing web application firewall (WAF) rules to detect and block suspicious input patterns may provide temporary mitigation.
CVE-2026-30252: n/a
Description
CVE-2026-30252 is a medium severity vulnerability involving multiple reflected cross-site scripting (XSS) flaws in the login. php endpoint of Interzen Consulting S. r. l ZenShare Suite v17. 0. Attackers can exploit crafted URLs injecting malicious JavaScript via the codice_azienda and red_url parameters, potentially executing scripts in the context of the user's browser. The vulnerability has a CVSS score of 6. 1, indicating moderate impact on confidentiality and integrity without affecting availability. No official patch or vendor advisory is currently available, and no known exploits in the wild have been reported.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability consists of multiple reflected XSS issues in the login.php endpoint of ZenShare Suite v17.0 by Interzen Consulting S.r.l. Specifically, the codice_azienda and red_url URL parameters do not properly sanitize user input, allowing attackers to inject arbitrary JavaScript code. When a user accesses a crafted URL containing these malicious parameters, the injected script executes in the user's browser context, potentially leading to information disclosure or session manipulation. The CVSS 3.1 vector indicates the attack requires no privileges, has low attack complexity, user interaction is required, and the impact affects confidentiality and integrity with no impact on availability.
Potential Impact
Successful exploitation allows attackers to execute arbitrary JavaScript in the victim's browser, which can lead to theft of sensitive information such as session tokens or user data, and manipulation of the user interface. However, the vulnerability does not impact system availability. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when clicking on URLs targeting the login.php endpoint with codice_azienda and red_url parameters. Implementing web application firewall (WAF) rules to detect and block suspicious input patterns may provide temporary mitigation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-03-04T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 69cef3d9e6bfc5ba1d047235
Added to database: 4/2/2026, 10:55:21 PM
Last enriched: 4/10/2026, 9:13:27 AM
Last updated: 5/20/2026, 8:50:01 PM
Views: 72
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.