XSS in Ail-project Ail-framework

CVE-2026-39416

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting (XSS) vulnerability was identified in the modal item preview functionality. When item content lo…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (12.6th percentile) — read the EPSS interpretation.

Affected products

Ail-project Ail-framework — versions < 6.8

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

https://github.com/ail-project/ail-framework/security/advisories/GHSA-fj6v-43r7-gcjm (x_refsource_CONFIRM)
https://vulnerability.circl.lu/vuln/gcve-1-2026-0023 (x_refsource_MISC)