CVE-2026-1441

Name of the Vulnerable Software and Affected Versions Graylog versions 2.2.3

Description A Reflected Cross-Site Scripting (XSS) issue exists in the Graylog Web Interface console due to insufficient sanitization and escaping of HTML output. The issue allows an attacker to inject and execute arbitrary JavaScript code when a user visits a specially crafted URL. This is possible because several endpoints include segments of the URL directly in the response without applying output encoding. Exploitation may allow script execution in the victim's browser and limited manipulation of the affected user's session context, through the /system/index sets/ endpoint.

Recommendations Update to a newer version that contains a fix for this vulnerability.