EIP-2026-106110
PRE-CVEComplaint Management System 4.2 - Persistent Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-106110. PoCs published by Besim.
AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Complaint Management System 4.2. The vulnerability arises from unsanitized user input in the registration form, which is later displayed in the admin dashboard without proper filtering.
Description
Complaint Management System 4.2 - Persistent Cross-Site Scripting
Exploits (1)
exploitdb
WORKING POC
by Besim · textwebappsphp
https://www.exploit-db.com/exploits/48370
This exploit demonstrates a stored XSS vulnerability in Complaint Management System 4.2. The vulnerability arises from unsanitized user input in the registration form, which is later displayed in the admin dashboard without proper filtering.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Complaint Management System v4.2
No auth needed
Prerequisites:
Access to the registration page
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026