go to Center block
Upper block

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

Ragic|Enterprise Cloud Database - 2 Vulnerabilities

TVN ID TVN-202607003
CVE ID CVE-2026-15552, CVE-2026-15553
CVSS 【CVE-2026-15552】
6.1 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

【CVE-2026-15553】
5.3 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products Enterprise Cloud Database
Description 【CVE-2026-15552(Stored Cross-Site Scripting)】
Unauthenticated remote attackers can inject persistent JavaScript code executed in users' browsers upon page load.

【CVE-2026-15553(Arbitrary File Upload)】
Unauthenticated remote attackers can upload malicious files and make them available for users to download.
Solution No action is required for the cloud version; the on-premises version must be updated to the patch released on or after April 10, 2026.
Credit VickeyTsai(Acer Cyber Security)
Public Date 2026-07-13
Top