CVE-2026-30919
Received Received - Intake
Stored XSS in facileManager fmDNS Module Before

Publication date: 2026-03-10

Last updated on: 2026-03-13

Assigner: GitHub, Inc.

Description
facileManager is a modular suite of web apps built with the sysadmin in mind. Prior to 6.0.4 , stored XSS (also known as persistent or second-order XSS) occurs when an application receives data from an untrusted source and includes that data in its subsequent HTTP responses in an unsafe manner. This vulnerability was found in the fmDNS module. This vulnerability is fixed in 6.0.4.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-10
Last Modified
2026-03-13
Generated
2026-06-16
AI Q&A
2026-03-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-30919
EUVD
EUVD-2026-10430
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
facilemanager facilemanager to 6.0.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-30919 is a high-severity Stored Cross-Site Scripting (XSS) vulnerability affecting the facileManager/fmdns module, specifically versions up to 5.4.4, with a patch available in version 6.0.4.'}, {'type': 'paragraph', 'content': "Stored XSS occurs when untrusted input is improperly handled and embedded in HTTP responses, allowing malicious scripts to persist and execute in users' browsers."}, {'type': 'paragraph', 'content': 'In this case, the vulnerability is present in multiple locations within the application, with the most critical being the "User Comment" field in the Edit Profile section.'}, {'type': 'paragraph', 'content': 'An attacker with low privileges can exploit this by injecting malicious payloads into input fields, which then execute when the affected pages are viewed.'}] [1]

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can lead to unauthorized content modification, data theft, and browser control hijacking.'}, {'type': 'paragraph', 'content': "Because the injected scripts execute in the context of the victim's browser, attackers can steal sensitive information, manipulate displayed content, or perform actions on behalf of the user."}] [1]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing input fields in the facileManager/fmdns module for stored XSS payloads, especially in the User Comment field in the Edit Profile section and other vulnerable input points such as Template Name fields and Image Branding settings.'}, {'type': 'paragraph', 'content': 'A practical approach is to inject known XSS payloads like `" onfocus=alert(document.domain) />` into these fields and then revisit the pages or access the admin panel to see if the payload executes.'}, {'type': 'paragraph', 'content': 'While no specific commands are provided, you can use tools such as curl or automated web vulnerability scanners to submit payloads and monitor HTTP responses or browser behavior for script execution.'}] [1]

Mitigation Strategies

Immediate mitigation steps include upgrading the facileManager/fmdns module to version 6.0.4 or later where the vulnerability is fixed.

  • Implement strict input filtering to allow only expected valid input at the point of data reception.
  • Apply proper output encoding tailored to the context (HTML, URL, JavaScript, CSS) to prevent execution of injected scripts.
  • Use appropriate HTTP response headers such as Content-Type and X-Content-Type-Options to enforce correct content interpretation.
  • Implement a Content Security Policy (CSP) as a defense-in-depth measure to limit the impact of any residual XSS vulnerabilities.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30919. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart