A vulnerability marked as problematic has been reported in gohugoio Hugo up to 0.161.x. Impacted is an unknown function. This manipulation causes cross site scripting.
This vulnerability appears as CVE-2026-50133. The attack may be initiated remotely. There is no available exploit.