CVE-2026-29969

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

26/03/2026

Last modified:

26/03/2026

Description

A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 allows attackers to execute arbitrary Javascript in the context of the user&#39;s browser via a crafted HTTP request.

Impact

References to Advisories, Solutions, and Tools

https://github.com/cmoncrook/Security-Advisories/blob/main/cve-2026-29969