CVE-2026-22033 | HumanSignal label-studio up to 1.22.0 API Endpoint custom_hotkeys cross site scripting

Inserito da Angelo Barbosa | Gen 12, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in HumanSignal label-studio up to 1.22.0. Affected by this issue is the function custom_hotkeys of the component API Endpoint. This manipulation causes cross site scripting.

This vulnerability is registered as CVE-2026-22033. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-22033 | HumanSignal label-studio up to 1.22.0 API Endpoint custom_hotkeys cross site scripting

Post correlati

CVE-2025-15103 | Delta Electronics DVP-12SE11T up to 2.15 Password information disclosure (PCSA-2025-00022)

CVE-2025-6735 | juzaweb CMS 3.4.2 Import Page /admin-cp/imports improper authorization

CVE-2025-57325 | rollbar up to 2.26.4 prototype pollution

CVE-2024-8893 | GoodWe GW1500‑XS 1.1.2.1 Web Interface hard-coded credentials