Description

OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin when they attempt to migrate a user's discord account in the dashboard. Commit 1d32081a66f21bcf41df1ecb672490b13f6e429f patches the issue.

INFO

Published Date :

2026-01-19T20:55:28.469Z

Last Modified :

2026-01-20T15:12:32.529Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23880 vulnerability.

Vendors Products
Hackucf
  • Onboardlite
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23880.

URL Resource
https://github.com/HackUCF/OnboardLite/commit/1d32081a66f21bcf41df1ecb672490b13f6e429f cve-icon cve-icon
https://github.com/HackUCF/OnboardLite/security/advisories/GHSA-93w8-83cg-h89g cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact