Unknown · Lucy-Xss-Filter · CVE-2026-23769
**Name of the Vulnerable Software and Affected Versions**
lucy-xss-filter versions prior to commit e5826c0
**Description**
The software contains a flaw where an attacker can execute malicious JavaScript. This is due to improper sanitization resulting from misconfigured default superset rule files.
**Recommendations**
Update to version e5826c0 or later.