CVE-2026-28126

Name of the Vulnerable Software and Affected Versions sizam RH Frontend Publishing Pro versions through 4.3.2

Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting (XSS). This means that malicious scripts can be injected into web pages viewed by users. The vulnerability exists due to insufficient sanitization of user-supplied input. The affected component is rh-frontend.

Recommendations Update to a version newer than 4.3.2.