CVE-2026-4175
Awaiting Analysis Awaiting Analysis - Queue
Remote XSS in Aureus ERP Chatter Message Handler Component

Publication date: 2026-03-16

Last updated on: 2026-03-16

Assigner: VulDB

Description
A vulnerability was determined in Aureus ERP up to 1.3.0-BETA2. The affected element is an unknown function of the file plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php of the component Chatter Message Handler. Executing a manipulation of the argument subject/body can lead to cross site scripting. The attack can be launched remotely. Upgrading to version 1.3.0-BETA1 is sufficient to fix this issue. This patch is called 2135ee7efff4090e70050b63015ab5e268760ec8. It is suggested to upgrade the affected component.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-03-16
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4175
EUVD
EUVD-2026-12224
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
aureuserp aureus_erp to 1.3.0-BETA2 (inc)
aureuserp aureus_erp 1.3.0-BETA1
aureuserp aureus_erp to 1.3.0-beta1 (exc)
aureuserp aureus_erp 1.3.0-beta1
aureus erp 1.3.0-beta2
aureus erp From 1.3.0-beta1 (inc)
aureus erp to 1.3.0-BETA2 (inc)
aureus erp 1.3.0-BETA1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-4175 is a stored cross-site scripting (XSS) vulnerability in the Chatter feature of the Aureus ERP application, specifically in the file content-text-entry.blade.php. The vulnerability arises because user-controlled input in the subject and body fields is rendered without proper sanitization, allowing an authenticated attacker with permissions to create or modify Chatter messages to inject malicious HTML or JavaScript code. This malicious code then executes in the browsers of other users who view the affected messages.'}, {'type': 'paragraph', 'content': "The root cause is the use of Blade's unescaped syntax ({!! ... !!}) to output user input directly, which permits arbitrary script injection. The vulnerability affects Aureus ERP versions up to 1.3.0-BETA2 and can be fixed by upgrading to version 1.3.0-BETA1 or later, which applies sanitization to user inputs before rendering."}] [1, 3, 4, 5]

Impact Analysis

[{'type': 'paragraph', 'content': "This vulnerability can impact you by allowing an attacker to execute malicious scripts in the context of your web application users' browsers. Specifically, an attacker who can create or modify Chatter messages can embed scripts that execute when other users view those messages."}, {'type': 'list_item', 'content': 'Session hijacking – attackers can steal session cookies to impersonate users.'}, {'type': 'list_item', 'content': 'Unauthorized actions – malicious scripts can perform actions on behalf of the victim user.'}, {'type': 'list_item', 'content': 'Data exfiltration – sensitive information from the application panel can be stolen.'}, {'type': 'paragraph', 'content': 'Because the attack is stored and persistent, the malicious payload remains in the system until fixed, potentially affecting multiple users over time.'}] [1]

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by identifying the presence of the vulnerable file path in the Aureus ERP installation: plugins/webkul/chatter/resources/views/filament/infolists/components/messages/content-text-entry.blade.php.

Since the vulnerability involves unsafe rendering of user-controlled input in the subject and body fields of Chatter messages, detection can involve checking for unescaped HTML or JavaScript in these fields.

A practical approach to detection includes searching for the vulnerable file or checking the version of Aureus ERP to see if it is up to 1.3.0-BETA2, which is affected.

Google dorking can be used to find vulnerable targets by searching for the vulnerable file path.

No specific network or system commands are provided in the available resources.

Mitigation Strategies

The immediate and recommended mitigation step is to upgrade Aureus ERP to version 1.3.0-BETA1 or later, as this version includes the patch that fixes the vulnerability.

The patch (commit ID: 2135ee7efff4090e70050b63015ab5e268760ec8) sanitizes user input in the vulnerable Blade template files to prevent cross-site scripting.

Applying this patch or upgrading to the fixed version will prevent exploitation of the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4175. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart