CVE-2026-33506 | ory polis up to 26.1.x cross site scripting (GHSA-3wjr-6gw8-9j22)

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability classified as problematic has been found in ory polis up to 26.1.x. This affects an unknown function. This manipulation causes improper neutralization of alternate xss syntax.

The identification of this vulnerability is CVE-2026-33506. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-33506 | ory polis up to 26.1.x cross site scripting (GHSA-3wjr-6gw8-9j22)

Post correlati

CVE-2025-13689 | IBM DataStage on Cloud Pak up to 5.3.0 unrestricted upload

CVE-2024-22389 | F5 BIG-IP up to 15.1.8/16.1.3/17.1.0 iControl REST session expiration (K32544615)

CVE-2024-28211 | NAVER nGrinder up to 3.5.8 RMI Registry deserialization

CVE-2021-46911 | Linux Kernel up to 5.10.31/5.11/5.11.15 Page Refcount ch_ktls denial of service (8d5a9dbd2116/8348665d4181/1a73e427b824)