{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T12:34:39.070","vulnerabilities":[{"cve":{"id":"CVE-2026-28274","sourceIdentifier":"security-advisories@github.com","published":"2026-02-26T23:16:37.073","lastModified":"2026-02-27T19:07:37.763","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the \"Initiatives\" section can upload a malicious `.html` or `.htm` file as a document. Because the uploaded HTML file is served under the application's origin without proper sandboxing, the embedded JavaScript executes in the context of the application. As a result, authentication tokens, session cookies, or other sensitive data can be exfiltrated to an attacker-controlled server. Additionally, since the uploaded file is hosted under the application's domain, simply sharing the direct file link may result in execution of the malicious script when accessed. Version 0.32.4 fixes the issue."},{"lang":"es","value":"Initiative es una plataforma de gestión de proyectos autohospedada. Las versiones de la aplicación anteriores a la 0.32.4 son vulnerables a Cross-Site Scripting Almacenado (XSS) en la funcionalidad de carga de documentos. Cualquier usuario con permisos de carga dentro de la sección 'Initiatives' puede cargar un archivo .html o .htm malicioso como documento. Debido a que el archivo HTML cargado se sirve bajo el origen de la aplicación sin un sandboxing adecuado, el JavaScript incrustado se ejecuta en el contexto de la aplicación. Como resultado, los tokens de autenticación, las cookies de sesión u otros datos sensibles pueden ser exfiltrados a un servidor controlado por el atacante. Además, dado que el archivo cargado está alojado bajo el dominio de la aplicación, simplemente compartir el enlace directo al archivo puede resultar en la ejecución del script malicioso al ser accedido. La versión 0.32.4 corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:morelitea:initiative:*:*:*:*:*:*:*:*","versionEndExcluding":"0.32.2","matchCriteriaId":"14E07E5B-5651-4A27-86E2-CE508B70B3B6"}]}]}],"references":[{"url":"https://github.com/Morelitea/initiative/releases/tag/v0.32.4","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/Morelitea/initiative/security/advisories/GHSA-v38c-x27x-p584","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}