CVE-2026-36226

MEDIUM

Advantech WebAccess/SCADA 8.0-2015.08.16 - Cross-Site Scripting via Create New Project User Decryption Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-36226. PoCs published by NullByte8080.

AI-analyzed exploit summary This repository contains a functional proof-of-concept for CVE-2026-36226, demonstrating a cross-site scripting (XSS) vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16. The exploit targets the 'decryption' field in the Admin Dashboard's Create New Project User component, using benign alert-based payloads to verify the vulnerability.

Description

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component

Exploits (1)

github WORKING POC
by NullByte8080 · htmlpoc
https://github.com/NullByte8080/CVE-2026-36226

This repository contains a functional proof-of-concept for CVE-2026-36226, demonstrating a cross-site scripting (XSS) vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16. The exploit targets the 'decryption' field in the Admin Dashboard's Create New Project User component, using benign alert-based payloads to verify the vulnerability.

Classification
Working Poc 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Advantech WebAccess/SCADA 8.0-2015.08.16
Auth required
Prerequisites: Access to an authorized lab instance of Advantech WebAccess/SCADA 8.0-2015.08.16 · Authentication credentials for the Admin Dashboard
devstral-2 · analyzed May 22, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 6.1
EPSS 0.0004
EPSS Percentile 12.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Published May 22, 2026
Tracked Since May 22, 2026