EIP-2026-112301
PRE-CVESocial Share - Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112301. PoCs published by Aliaksandr Hartsuyeu.
AI-analyzed exploit summary The exploit demonstrates XSS vulnerabilities in Social Share by providing crafted URLs that inject arbitrary script code via unsanitized 'title' and 'url' parameters. The PoC is functional and directly exploitable in affected versions.
Description
Social Share - Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Aliaksandr Hartsuyeu · textwebappsphp
https://www.exploit-db.com/exploits/35121
The exploit demonstrates XSS vulnerabilities in Social Share by providing crafted URLs that inject arbitrary script code via unsanitized 'title' and 'url' parameters. The PoC is functional and directly exploitable in affected versions.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Social Share (version unspecified)
No auth needed
Prerequisites:
Access to the target application's 'save.php' endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026