CVE-2026-29969
Cross-Site Scripting in Staffwiki wff_cols_pref.css.aspx Endpoint
Publication date: 2026-03-26
Last updated on: 2026-03-30
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| staffwiki | staffwiki | 7.0.1.19219 |
| workflowfirst_software_llc | staffwiki | to vPENDING (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-29969 is a reflected Cross-Site Scripting (XSS) vulnerability found in the wff_cols_pref.css.aspx endpoint of staffwiki version 7.0.1.19219.
This vulnerability occurs because user-supplied input embedded within the URL path filename is returned unsanitized in the HTTP response, allowing attackers to inject arbitrary JavaScript.
An attacker can craft a malicious HTTP request containing encoded JavaScript that executes within the context of the user's browser when they interact with the affected endpoint.
Some characters require encoding to bypass input validation controls, but simple payloads can execute directly.
This enables execution of attacker-controlled scripts, potentially compromising the user's session or data.
How can this vulnerability impact me? :
This vulnerability allows attackers to execute arbitrary JavaScript code in the context of a user's browser when they visit the vulnerable endpoint.
- Stealing user session cookies or authentication tokens.
- Performing actions on behalf of the user without their consent.
- Redirecting users to malicious websites.
- Injecting malicious content or defacing the website.
Overall, this can lead to compromised user accounts, data theft, and loss of trust in the affected application.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP requests to the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 and observing if arbitrary JavaScript is executed or reflected unsanitized in the HTTP response.
A practical approach is to use tools like curl or a web proxy to send requests with encoded JavaScript payloads in the URL path filename and check the response for unsanitized script injection.
- Example curl command to test the vulnerability: curl -i "http://target/wff_cols_pref.css.aspx/%3Cscript%3Ealert('XSS')%3C/script%3E"
- Use a web proxy or browser developer tools to inspect the HTTP response for reflected script tags or JavaScript code.
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate mitigation is to upgrade staffwiki to the forthcoming patched version (vPENDING) once it becomes available.
Until the patch is available, consider implementing web application firewall (WAF) rules to block requests containing suspicious or encoded JavaScript payloads targeting the wff_cols_pref.css.aspx endpoint.
Additionally, restrict access to the vulnerable endpoint if possible and monitor logs for suspicious requests attempting to exploit this XSS vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the cross-site scripting (XSS) vulnerability in staffwiki v7.0.1.19219 impacts compliance with common standards and regulations such as GDPR or HIPAA.