CVE-2026-10234 | Mettle sendportal up to 3.0.1 Campaign /webview/ content cross site scripting (Issue 338)

A vulnerability described as problematic has been identified in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting.

This vulnerability is reported as CVE-2026-10234. The attack can be launched remotely. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More