CVE-2026-31352

NONE

Apr 06, 2026

Updated Apr 06, 2026

Payload

Parameter	Value
Vendor	Payload
Public PoC	No

An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter.

References 2

https://github.com/liufee/cms

cve@mitre.org

https://github.com/liufee/cms/issues/83

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-1114

Payload

9.8

CVE-2026-35203

Payload

7.5

CVE-2026-35209

Payload

7.5

CVE-2026-35173

Payload

6.5

CVE-2026-34989

Payload

9.4

CVE Details

CVE ID

CVE-2026-31352

Published Date

Apr 06, 2026

Vendor

Payload

Severity

NONE

Impact

Minimal impact

Source

View Advisory

Menu

CVE-2026-31352

References 2

Related Vulnerabilities

CVE-2026-1114

CVE-2026-35203

CVE-2026-35209

CVE-2026-35173

CVE-2026-34989

CVE Details

Editor's Choice

Menu

CVE-2026-31352

References 2

Related Vulnerabilities

CVE-2026-1114

CVE-2026-35203

CVE-2026-35209

CVE-2026-35173

CVE-2026-34989

CVE Details

Editor's Choice

Stay informed on cybersecurity