CVE-2026-40457
LOW
LMS < 9c5651b dbrecover.php/netremap.php - Reflected Cross-Site Scripting
Title source: manual
Description
A Reflected Cross-Site Scripting (XSS) vulnerability exists in LMS (LAN Management System) before commit 9c5651b in the "dbrecover.php" and "netremap.php" modules where unsanitized GET parameters are directly embedded into HTML output. This allows an attacker to inject arbitrary JavaScript when an authenticated user clicks a crafted link, provided the required conditions (such as a network defined in the system) are met.
References (3)
Core References
Third Party Advisory: https://cert.pl/posts/2026/06/CVE-2026-40455
Product: https://lms.org.pl/
Scores
CVSS v4: 2.1
EPSS: 0.0032
EPSS Percentile: 23.4%
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-79
Status: published
Products (1)
LMS/LMS < 9c5651b
Published: Jun 18, 2026
Tracked Since: Jun 18, 2026