CVE-2026-50146 | withastro up to 6.3.2 data-astro-template cross site scripting

Inserito da Angelo Barbosa | Giu 22, 2026 | CVE

A vulnerability was found in withastro astro up to 6.3.2. It has been rated as problematic. The affected element is an unknown function. The manipulation of the argument data-astro-template leads to basic cross site scripting.

This vulnerability is referenced as CVE-2026-50146. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-50146 | withastro up to 6.3.2 data-astro-template cross site scripting

Post correlati

CVE-2023-50449 | JFinalCMS 5.0.0 /common/down/file fileKey path traversal

CVE-2024-47777 | GStreamer up to 1.24.9 gstwavparse.c gst_wavparse_smpl_chunk out-of-bounds (GHSL-2024-259)

CVE-2025-9702 | SourceCodester Simple Cafe Billing System 1.0 /sales_report.php month sql injection

CVE-2023-48737 | PT Trijaya Digital Grup TriPay Payment Gateway Plugin up to 3.2.7 on WordPress cross site scripting