CVE-2026-22675

5.4 MEDIUM
Published: April 06, 2026 Modified: April 09, 2026
View on NVD

Description

OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User-Agent HTTP headers to the /ocsinventory endpoint. Attackers can register rogue agents or craft requests with malicious User-Agent values that are stored without sanitation and rendered with insufficient encoding in the web console, leading to arbitrary JavaScript execution in the browsers of authenticated users viewing the statistics dashboard.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/OCSInventory-NG/OCSInventory-Server/commit/78faf2ca8b897141ba4d337d75692ab8e405bd4e
Source: disclosure@vulncheck.com
Patch
https://github.com/OCSInventory-NG/OCSInventory-Server/pull/483
Source: disclosure@vulncheck.com
Issue Tracking
https://www.vulncheck.com/advisories/ocs-inventory-ng-server-stored-xss-via-user-agent
Source: disclosure@vulncheck.com
Third Party Advisory VDB Entry

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
5.4 / 10.0
EPSS (Exploit Probability)
0.0%
12th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

ocsinventory-ng

Related CVEs

CVE-2026-40688 7.2
CVE-2026-39399 9.6
CVE-2026-39387 7.2
CVE-2026-35589 8.0
CVE-2026-35034 6.5