CVE-2026-8221 | Devs Palace ERP Online up to 4.0.0 /inventory/item-save cross site scripting

A vulnerability was found in Devs Palace ERP Online up to 4.0.0. It has been classified as problematic. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2026-8221. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More