CVE-2026-3720
Remote XSS in 1024-lab SmartAdmin Notice Module
Publication date: 2026-03-08
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lab1024 | smartadmin | up to 3.29 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3720 is a cross-site scripting (XSS) vulnerability found in the Notice module of the 1024-lab/lab1024 SmartAdmin product up to version 3.29.
The vulnerability exists in an unknown function within the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue.
It occurs because user-controllable input is not properly neutralized before being included in the web page output, allowing attackers to inject malicious JavaScript code.
This injected script can be stored and executed in the browsers of other users when they view the compromised notice, enabling persistent XSS attacks.
The attack can be launched remotely and requires some user interaction to be successful.
How can this vulnerability impact me?
This vulnerability allows remote attackers to execute malicious JavaScript code in the browsers of users who view the compromised notice.
Such cross-site scripting attacks can compromise data integrity by stealing session tokens, redirecting users to malicious sites, or performing actions on behalf of the user.
Because the malicious script is stored and executed persistently, multiple users can be affected once the attack is successful.
The exploit is publicly available and considered easy to perform, increasing the risk of exploitation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a stored cross-site scripting (XSS) issue in the Notice module of SmartAdmin, specifically in the file notice-form-drawer.vue. Detection involves identifying if malicious JavaScript code has been injected and stored via the rich text editor in the Notice module.
Since the vulnerability involves stored XSS, detection can be performed by reviewing the content of notices for suspicious or unexpected JavaScript code or HTML tags that could execute scripts.
There are no specific commands provided in the resources for automated detection on the network or system.
A general approach to detect XSS payloads in web application data includes searching the database or application storage for suspicious script tags or event handlers.
- Use database queries to search for script tags or suspicious JavaScript code in the Notice module data.
- Manually review notices displayed in the application for unexpected script execution.
- Use web vulnerability scanners that support XSS detection to scan the affected SmartAdmin instance.
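The database review suggested above, as an added example that is not part of this record or of SmartAdmin: a triage script that scans exported notice bodies for markup capable of executing script, after undoing the character-reference and control-character tricks a plain search would miss. The record shape (id, contentHtml) and the sample notices are constructed assumptions, not the product's schema.

```javascript
// Added example (not SmartAdmin's code): triage stored Notice records for markup
// that can execute script, one concrete form of the database review suggested
// above. Field names (id, contentHtml) are assumptions, not the real schema.

// Browsers decode numeric character references inside attribute values and
// ignore control characters (tab, newline) inside a URI scheme, so undo both
// before matching or java&#115;cript: and java<TAB>script: slip past. Named
// references such as &lt; are left alone: escaped text renders as text.
function normalize(html) {
  const cp = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : '');
  return html
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => cp(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => cp(Number(d)))
    .replace(/[\u0000-\u001f]/g, '');
}

// Constructs a rich-text notice should never legitimately contain. A match means
// "review this record", not proof of exploitation, and this check is no substitute
// for allowlist-based sanitization of the notice body before storage and output.
const SUSPICIOUS_PATTERNS = [
  { name: 'script-tag', re: /<\s*script\b/i },
  { name: 'event-handler', re: /<[^>]*[\s/"']on[a-z]+\s*=/i },
  { name: 'javascript-uri', re: /(?:href|src|action|formaction)\s*=\s*["']?\s*(?:javascript|vbscript)\s*:/i },
  { name: 'active-embed', re: /<\s*(?:iframe|object|embed|svg|math|base|meta|link)\b/i },
  { name: 'srcdoc-attribute', re: /\bsrcdoc\s*=/i },
];

// Names of the patterns one notice body matches; an empty array means clean.
function scanNotice(notice) {
  const body = normalize(String(notice.contentHtml || ''));
  return SUSPICIOUS_PATTERNS.filter((p) => p.re.test(body)).map((p) => p.name);
}

// Runs over an export of the notice table and keeps only records needing review.
function scanNotices(notices) {
  return notices
    .map((n) => ({ id: n.id, findings: scanNotice(n) }))
    .filter((r) => r.findings.length > 0);
}

// Constructed sample records standing in for a dump of the Notice table.
const SAMPLE_NOTICES = [
  { id: 1, contentHtml: '<p>Team meeting moved to <b>Friday</b>. <a href="https://intranet.example/agenda">Agenda</a></p>' },
  { id: 2, contentHtml: '<p>Welcome!<img src="x" onerror="x()"></p>' },
  { id: 3, contentHtml: '<a href="java&#115;cript:x()">Read more</a>' },
  { id: 4, contentHtml: '<p>Holiday schedule</p><ScRiPt>x()</sCrIpT>' },
  { id: 5, contentHtml: '<p>Literal &lt;b&gt; escaped by the editor stays text</p>' },
];
console.log(JSON.stringify(scanNotices(SAMPLE_NOTICES), null, 2));
```

Run it against a real export by replacing SAMPLE_NOTICES with the rows of the notice table; record 5 shows that editor-escaped text is not flagged, so the review queue stays short.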
What immediate steps should I take to mitigate this vulnerability?
No official countermeasures or mitigations have been provided by the vendor as per the available information.
Immediate mitigation steps include avoiding use of the vulnerable Notice module or replacing the affected component with an alternative product.
Additionally, restricting user input in the Notice module's rich text editor to disallow JavaScript or script tags can help reduce the risk.
Monitoring and sanitizing user inputs before storage and output is recommended to prevent exploitation.
Applying web application firewall (WAF) rules to detect and block XSS payloads targeting the Notice module may also help mitigate attacks. [1, 2]