A vulnerability was found in plank laravel-mediable up to 6.x. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the component SVG file Handler. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-49971. The attack is possible to be carried out remotely. No exploit exists.