Back to search
CVE-2026-1434
Published: Feb 27, 2026
Modified: Feb 27, 2026
PUBLISHED
Description
Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a malicious URL that, when opened, causes arbitrary JavaScript to execute in the victim’s browser. This issue was fixed in 4.6.7.
| Vendor | Product | Versions |
|---|---|---|
Politechnika Warszawska | Omega-PSIR | affected 4.5.9 - <= 4.6.6 |
Weaknesses (CWE)
References
https://cert.pl/posts/2026/02/CVE-2026-1434
third-party-advisory
https://www.omegapsir.io/
product
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now