CVE-2026-28223 | Wagtail up to 6.3.7/7.0.5/7.2.2/7.3.0 wagtail.contrib.simple_translation cross site scripting

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Wagtail up to 6.3.7/7.0.5/7.2.2/7.3.0. This impacts an unknown function of the component wagtail.contrib.simple_translation. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-28223. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-28223 | Wagtail up to 6.3.7/7.0.5/7.2.2/7.3.0 wagtail.contrib.simple_translation cross site scripting

Post correlati

CVE-2025-8774 | riscv-boom SonicBOOM up to 2.2.3 L1 Data Cache timing discrepancy

CVE-2025-27638 | Vasion Print Virtual Appliance Host hard-coded password

CVE-2024-49377 | OctoPrint up to 1.10.2 cross site scripting (GHSA-xvxq-g8hw-fx4g)

CVE-2025-1852 | Totolink EX1800T 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi loginAuth password buffer overflow