XSS in Gristlabs Grist-core

CVE-2026-55665

Grist is spreadsheet software using Python as its formula language. Prior to 1.7.15, Grist contained two cross-site scripting vulnerabilities where an attacker-controlled value reached a link's href without scheme validation, so a javascri…

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References