CVE-2026-3024

UNKNOWN 0.0

Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma application web

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey that would harm the entire veterinary team. At the same time, a user with low privileges could exploit this vulnerability to access unauthorized data and perform actions with elevated privileges.

CWE	CWE-79
Vendor	wakyma
Product	wakyma application web
Published	Mar 16, 2026
Last Updated	Mar 16, 2026

Stay Ahead of the Next One

Get instant alerts for wakyma wakyma application web

Be the first to know when new unknown vulnerabilities affecting wakyma wakyma application web are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Wakyma / Wakyma application web

all versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web