CVE-2026-50146 | withastro up to 6.3.2 data-astro-template cross site scripting

Inserito da Angelo Barbosa | Giu 22, 2026 | CVE

A vulnerability was found in withastro astro up to 6.3.2. It has been rated as problematic. The affected element is an unknown function. The manipulation of the argument data-astro-template leads to basic cross site scripting.

This vulnerability is referenced as CVE-2026-50146. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-50146 | withastro up to 6.3.2 data-astro-template cross site scripting

Post correlati

CVE-2024-29191 | AlexxIT go2rtc up to 1.8.5 GET Parameter links.html src cross site scripting (GHSL-2023-205)

CVE-2024-20480 | Cisco IOS XE up to 17.14.1a SD-Access Fabric Edge Node operator precedence logic error (cisco-sa-ios-xe-sda-edge-dos-MBcbG9k)

CVE-2025-64458 | Django up to 4.2.25/5.1.13/5.2.7 on Windows algorithmic complexity

CVE-2026-11623 | tmux up to 3.6a image.c image_free use after free