EIP-2026-119098
PRE-CVESambar Server 5.x - 'results.stm' Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-119098. PoCs published by galiarept.
AI-analyzed exploit summary The exploit demonstrates a cross-site scripting (XSS) vulnerability in Sambar Server by injecting a malicious script via the 'query' parameter in the search functionality. The script executes in the context of the victim's browser, potentially stealing cookie-based authentication credentials.
Description
Sambar Server 5.x - 'results.stm' Cross-Site Scripting
Exploits (1)
The exploit demonstrates a cross-site scripting (XSS) vulnerability in Sambar Server by injecting a malicious script via the 'query' parameter in the search functionality. The script executes in the context of the victim's browser, potentially stealing cookie-based authentication credentials.