EIP-2026-100071

PRE-CVE

TaxiMonger for Android - 'name' HTML Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100071. PoCs published by Ismail Kaleem.

AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in TaxiMonger for Android, allowing arbitrary HTML and script execution in the browser context. The provided JavaScript payload redirects users to a malicious site upon execution.

Description

TaxiMonger for Android - 'name' HTML Injection

Exploits (1)

exploitdb WORKING POC VERIFIED
by Ismail Kaleem · textremoteandroid
https://www.exploit-db.com/exploits/38586

This exploit demonstrates an HTML injection vulnerability in TaxiMonger for Android, allowing arbitrary HTML and script execution in the browser context. The provided JavaScript payload redirects users to a malicious site upon execution.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: TaxiMonger for Android 2.6.2 and 2.3.3
No auth needed
Prerequisites: User interaction required to trigger the payload
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026