Vulnerabilities

CVE-2026-31382

by Fred · 20/03/2026

The error_description parameter is vulnerable to Reflected XSS. An attacker can bypass the domain’s WAF using a Safari-specific onpagereveal payload.

More information : https://communities.gainsight.com/community-news-2/recent-gainsight-assist-plugin-remediations-cve-2026-31381-and-cve-2026-31382-30587

Similar

Tags: Cybersecurity Alert