Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sat, 30 May 2026 04:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 28 May 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Kovah
Kovah linkace |
|
| Vendors & Products |
Kovah
Kovah linkace |
Thu, 28 May 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains a stored cross-site scripting vulnerability that allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This affects instances configured with SSO/OAuth authentication, which is one of the supported authentication methods in LinkAce. An attacker who sets their OAuth display name to a malicious script and then creates an API token will plant a persistent XSS payload in the audit log. When any admin navigates to /system/audit, the payload executes in the admin's browser context. This enables session cookie theft, CSRF token exfiltration (exposed in the la-app-data meta tag), or any other action the admin can perform. This vulnerability is fixed in 2.5.6. | |
| Title | LinkAce - Stored XSS via Unsanitized SSO User's Name Rendered in Admin Audit Log Allows Session Hijacking | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-05-30T02:19:54.790Z
Reserved: 2026-05-11T21:40:08.177Z
Link: CVE-2026-45343
Updated: 2026-05-30T02:19:49.337Z
Status : Deferred
Published: 2026-05-28T22:17:00.367
Modified: 2026-05-30T04:17:22.067
Link: CVE-2026-45343
No data.
OpenCVE Enrichment
Updated: 2026-05-28T22:30:28Z