CVE-2026-24476

Name of the Vulnerable Software and Affected Versions Shaarli versions prior to 0.16.0

Description Shaarli is a personal bookmarking service susceptible to a cross-site scripting (XSS) issue. A malicious tag beginning with a double quote (") can prematurely terminate the <input> tag on the start page, enabling an attacker to inject arbitrary HTML. This could lead to the execution of malicious scripts in a user's browser.

Recommendations Update to version 0.16.0 or later.