XSS in Wix Web Application
CVE-2026-2276
Reflected Cross-Site Scripting (XSS) vulnerability in the Wix web application, where the endpoint ' https://manage.wix.com/account/account-settings ', responsible for uploading SVG images, does not properly sanitize the content. An authent…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.004 (32.0th percentile) — read the EPSS interpretation.
Affected products
- Wix Web Application — versions All versions