CVE-2026-1439

Name of the Vulnerable Software and Affected Versions Graylog versions 2.2.3

Description A Reflected Cross-Site Scripting (XSS) issue exists in the Graylog Web Interface console due to insufficient sanitization and escaping of HTML output. The issue occurs because certain endpoints incorporate portions of the URL directly into the response without proper output encoding. This allows an attacker to inject and execute arbitrary JavaScript code when a user accesses a specially crafted URL. Exploitation could lead to script execution within the victim's browser and potential manipulation of the affected user's session. The affected API endpoint is /alerts/. The vulnerability allows for the injection of code through the URL.

Recommendations Update Graylog to a version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.