CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dovestones: >> Ad Phonebook Security Vulnerabilities

CVE-2026-31013

Dovestones Softwares ADPhonebook <4.0.1.1 has a reflected cross-site scripting (XSS) vulnerability in the search parameter of the /ADPhonebook?Department=HR endpoint. User-supplied input is reflected in the HTTP response without proper input validation or output encoding, allowing execution of arbitrary JavaScript in the victim's browser.

CVSS Score

6.1

EPSS Score

0.0

Published

2026-04-21

Page 1

Vulnerabilities

Vulnerable Software

Dovestones: >> Ad Phonebook Security Vulnerabilities

Products

Pricing

Contact Us