XSS in Github Enterprise Server

CVE-2026-10585

A stored cross-site scripting vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to execute arbitrary JavaScript in another user's browser by injecting a crafted payload into the title of a Disc…

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References