CVE-2026-40487 | gitroomhq postiz-app up to 2.21.5 cross site scripting (GHSA-44wg-r34q-hvfx)

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability marked as problematic has been reported in gitroomhq postiz-app up to 2.21.5. Impacted is an unknown function. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-40487. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-40487 | gitroomhq postiz-app up to 2.21.5 cross site scripting (GHSA-44wg-r34q-hvfx)

Post correlati

CVE-2024-26933 | Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2/6.9-rc1 USB port.c device_del deadlock

CVE-2026-20915 | Checkmk up to 2.5.0b1 cross site scripting

CVE-2025-11123 | Tenda AC18 15.03.05.19 /goform/saveAutoQos enable stack-based overflow

CVE-2024-0196 | Magic-Api up to 2.0.1 save code injection