CVE-2026-50592
6.4
MEDIUM
CVSS 3.1
Description
In Znuny LTS before 6.5.21 and Znuny before 7.3.3, there is reflected XSS in AdminCommunicationLog (aka the communication log administration view).
How to fix CVE-2026-50592
No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.
- Debian/znuny—no fix listed
Is CVE-2026-50592 being exploited?
No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-50592.
Affected packages (1)
- from 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |