{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30252", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-03T14:40:38.853Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-04-02T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-02T20:33:46.851Z"}, "descriptions": [{"lang": "en", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/skit-cyber-security/ZenShare-Suite"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-03T14:40:08.376376Z", "id": "CVE-2026-30252", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T14:40:38.853Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30252", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T14:40:08.376376Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T14:40:31.434Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/skit-cyber-security/ZenShare-Suite"}], "descriptions": [{"lang": "en", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-02T20:33:46.851Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30252", "state": "PUBLISHED", "dateUpdated": "2026-04-03T14:40:38.853Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-02T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters."}], "id": "CVE-2026-30252", "lastModified": "2026-04-03T16:10:23.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-02T21:16:40.490", "references": [{"source": "cve@mitre.org", "url": "https://github.com/skit-cyber-security/ZenShare-Suite"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "17.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "zenshare_suite", "vendor": "interzen_consulting"}], "analysis": {"en": {"generated_at": "2026-04-03T17:22:27.628164+00:00", "value": {"mitigation_remediation": ["If an official patch is available, upgrade ZenShare Suite to the fixed version as soon as possible.", "If the patch cannot be applied, restrict the login.php endpoint to authenticated traffic only or disable acceptance of the codice_azienda and red_url parameters via server configuration or URL rewriting.", "Deploy a web application firewall rule that blocks query strings containing script delimiters or known XSS payload patterns before the request reaches the application.", "Implement a Content Security Policy in the web application headers to mitigate the impact of any residual reflected XSS attempts."], "summary": {"action": "Apply patch", "impact": "Cross\u2011Site Scripting in the user browser"}, "threat_synthesis": {"affected_systems": "Interzen Consulting S.r.l provides ZenShare Suite, specifically version 17.0. This is the sole version indicated as affected; any installations using that version are at risk.", "description_and_impact": "The vulnerability is a reflected cross\u2011site scripting flaw located in the login.php endpoint of ZenShare Suite. Attackers can embed malicious JavaScript code in the codice_azienda and red_url query parameters. When an authenticated or unauthenticated user visits a crafted URL, the script is executed within the context of the victim\u2019s browser, enabling the attacker to steal session cookies, deface the page or defraud users. The weakness is a typical input validation problem that falls under a reflected XSS (CWE\u201179).", "risk_and_exploitability": "The CVSS score of 6.1 indicates moderate severity, while the EPSS score of less than 1% suggests low exploitation probability at present. The vulnerability is not listed in the CISA KEV catalog. Inference from the description indicates that an attacker must construct a malicious URL and entice a user to click it; once triggered, the malicious script runs, but the exploit is limited to actions a browser script can perform, with no direct remote code execution on the server. The attack vector is likely remote via HTTP requests to the login endpoint, with the prerequisite that a user accesses the crafted link."}}}}, "created": "2026-04-03T08:58:17.612480+00:00", "updated": "2026-04-03T21:17:19.076681+00:00", "vendors": ["interzen_consulting", "interzen_consulting$PRODUCT$zenshare_suite"]}