{"uuid": "6b93566a-6c34-49d1-9bae-0e594cd2a875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-8253", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mljxryaweh2g", "content": "Devs Palace ERP Online 4.0 hit by MEDIUM XSS (CVE-2026-8253) in /inventory/purchase_save. No patch \u2014 use WAF rules & restrict privileged access. Monitor for updates: https://radar.offseq.com/threat/cve-2026-8253-cross-site-scripting-in-devs-palace--7f918dea #OffSeq #XSS #ERPSecurity", "creation_timestamp": "2026-05-11T00:00:42.234171Z"}