EIP-2026-100841

PRE-CVE

L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100841. PoCs published by http-equiv.

AI-analyzed exploit summary The provided text describes multiple cross-site scripting (XSS) vulnerabilities in L-Soft Listserv, with example URLs demonstrating how an attacker could embed malicious HTML and script code. These examples are not functional exploit code but rather illustrative of the vulnerability.

Description

L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by http-equiv · textwebappscgi

https://www.exploit-db.com/exploits/23485

View Code ZIP pw:eip

The provided text describes multiple cross-site scripting (XSS) vulnerabilities in L-Soft Listserv, with example URLs demonstrating how an attacker could embed malicious HTML and script code. These examples are not functional exploit code but rather illustrative of the vulnerability.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: L-Soft Listserv

No auth needed

Prerequisites: Access to a vulnerable L-Soft Listserv instance · Ability to craft malicious URLs

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026