CVE-2026-26862 | CleverTap Web SDK up to 1.15.2 Visual Builder pageBuilder.js includes cross site scripting (Issue 442)

Inserito da Angelo Barbosa | Feb 27, 2026 | CVE

A vulnerability categorized as problematic has been discovered in CleverTap Web SDK up to 1.15.2. This vulnerability affects the function includes of the file src/modules/visualBuilder/pageBuilder.js of the component Visual Builder Module. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2026-26862. It is possible to launch the attack remotely. No exploit is available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-26862 | CleverTap Web SDK up to 1.15.2 Visual Builder pageBuilder.js includes cross site scripting (Issue 442)

Post correlati

CVE-2025-6667 | code-projects Car Rental System 1.0 /admin/add_cars.php image unrestricted upload

CVE-2024-4000 | Header Builder Plugin up to 1.3.6 on WordPress Shortcode cross site scripting

CVE-2025-24017 | yeswiki up to 4.4.x cross site scripting

CVE-2024-32679 | Shared Files Plugin up to 1.7.16 on WordPress authorization