XSS in Bludit
CVE-2026-4420
Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creation functionality. An authenticated attacker with page creation privileges (such as Author, Editor, or Administrator) can embed a malicious JavaScript payload in th…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.001 (22.1th percentile)
Affected products
- Bludit — versions 3.17.2, 3.18.0
Weakness classification (CWE)
References
- cert.pl/en/posts/2026/04/CVE-2026-4420 (third-party-advisory)
- github.com/bludit/bludit/ (product)