CVE-2026-29191 | Zitadel up to 4.11.x Login V2 Interface /saml-post cross site scripting (GHSA-pr34-2v5x-6qjq)

Inserito da Angelo Barbosa | Mar 7, 2026 | CVE

A vulnerability classified as problematic has been found in Zitadel up to 4.11.x. This impacts an unknown function of the file /saml-post of the component Login V2 Interface. Performing a manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-29191. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-29191 | Zitadel up to 4.11.x Login V2 Interface /saml-post cross site scripting (GHSA-pr34-2v5x-6qjq)

Post correlati

CVE-2025-6855 | chatchat-space Langchain-Chatchat up to 0.3.1 /v1/file flag path traversal (Issue 5354)

CVE-2024-6215 | SourceCodester Food Ordering Management System up to 1.0 view-ticket-admin.php id sql injection

CVE-2024-10900 | ProfileGrid Plugin up to 5.9.3.6 on WordPress User Meta authorization

CVE-2025-5144 | Events Calendar Plugin up to 6.13.2 on WordPress cross site scripting