Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: cwe-644 Clear
ID Title
CVE-2026-55791 Cross-Site Scripting (XSS) in craftcms/cms (CVE-2026-55791)
cross-site scripting in craftcms/cms (CVE-2026-55791). Risk of unauthorized operations or information disclosure. Exploitable via ``trustedHosts``. Mitigation: upgrade to `4.18` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →