XSS in Authelia

CVE-2026-33525

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. In version 4.39.15, an attacker may be able to inject JavaScript…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (5.9th percentile)

Affected products

Weakness classification (CWE)

References