CVE-2026-7501 | LinkStackOrg LinkStack up to 4.8.6 UserController.php editPage pageDescription cross site scripting (ID 974)

A vulnerability was found in LinkStackOrg LinkStack up to 4.8.6. It has been declared as problematic. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting.

This vulnerability is registered as CVE-2026-7501. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The project was informed of the problem early through a pull request but has not reacted yet.VulDB Recent EntriesRead More