A vulnerability marked as problematic has been reported in Drupal Canvas up to 1.4.1/1.5.1/1.6.0/1.7.0. Affected is an unknown function of the component Canvas. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2026-58588. The attack is possible to be carried out remotely. No exploit exists.