EIP-2026-111546
PRE-CVEProjeqtor v9.3.1 - Stored Cross Site Scripting (XSS)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111546. PoCs published by Oscar Gil Gutierrez.
AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Projeqtor v9.3.1 via SVG file upload. An attacker can upload a malicious SVG file containing JavaScript, which executes when viewed by an administrator, potentially leading to privilege escalation and arbitrary code execution.
Description
Projeqtor v9.3.1 - Stored Cross Site Scripting (XSS)
Exploits (1)
This exploit demonstrates a stored XSS vulnerability in Projeqtor v9.3.1 via SVG file upload. An attacker can upload a malicious SVG file containing JavaScript, which executes when viewed by an administrator, potentially leading to privilege escalation and arbitrary code execution.