CVE-2026-14449

Summary

u5CMS through v12.8.8 is vulnerable to reflected XSS via the ‘thanks’ parameter in multiple form components

Affected Software

VendorProductVersion RangeStatus
u5CMSu5CMS0 <= 12.8.8affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References