Back to overview

CVE-2026-50765

Description
Cross-Site Scripting (XSS) vulnerability in the patron restriction type administration page of Koha Library Management System through 25.11 allows an authenticated remote attacker with administrator privileges to inject arbitrary web scripts via the restriction type label (display_text field)

Metadata

CVE ID
CVE-2026-50765
State
PUBLISHED
Assigner
mitre
Reserved
2026-06-07 00:00 UTC
Published
2026-06-26 00:00 UTC
Last updated
2026-06-26 21:36 UTC
Vendor / Product
n/a / n/a
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (1)
VendorProductPlatformVersions
n/a n/a n/a
Weakness (CWE)
CWESourceDescription
cna n/a
References (2)
Back to overview