XSS in Craftcms Cms

CVE-2026-55793

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries…

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References