CVE-2026-14704

Severity CVSS v4.0:
LOW
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
05/07/2026
Last modified:
06/07/2026

Description

A vulnerability was found in stephen-kruger bluebox up to 4.5.12. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument code results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report.