PT-2026-2186 · Salvo · Salvo

Ahmedmokhtari +2 · Published 2026-01-08 · Updated 2026-03-05 · CVE-2026-22256

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Salvo versions prior to 0.88.1

Description

Salvo is a Rust web backend framework. Prior to version 0.88.1, the list html function generates a file view of a folder, including a render of the current path. This path is inserted into the HTML without proper sanitization, leading to a reflected Cross-Site Scripting (XSS) issue. The request path is decoded and normalized during the matching stage but is inserted raw into the HTML view (current.path). The issue requires the root path (e.g., /files) to have a subdirectory (e.g., styles/scripts/etc.) to trigger the list HTML page instead of a Not Found page.

Recommendations

Versions prior to 0.88.1 should be updated to version 0.88.1 or later.
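
The bug class described above, as an added example that is not Salvo's own code: a directory-listing renderer that writes the decoded path into the page verbatim, next to a form that HTML-escapes every value before insertion. The function names, the page template and the sample path are assumptions constructed for illustration.

```rust
/// Escape the five characters that are significant in HTML text and attribute values.
fn escape_html(input: &str) -> String {
    let mut out = String::with_capacity(input.len());
    for c in input.chars() {
        match c {
            '&' => out.push_str("&amp;"),
            '<' => out.push_str("&lt;"),
            '>' => out.push_str("&gt;"),
            '"' => out.push_str("&quot;"),
            '\'' => out.push_str("&#x27;"),
            _ => out.push(c),
        }
    }
    out
}

/// "Before" form (hypothetical): the decoded request path goes into the page verbatim.
fn render_listing_raw(current_path: &str, entries: &[&str]) -> String {
    let mut html = format!("<h1>Index of {}</h1><ul>", current_path);
    for name in entries {
        html.push_str(&format!("<li>{}</li>", name));
    }
    html.push_str("</ul>");
    html
}

/// Hardened form (hypothetical): every value that originates outside the template is escaped.
fn render_listing_escaped(current_path: &str, entries: &[&str]) -> String {
    let mut html = format!("<h1>Index of {}</h1><ul>", escape_html(current_path));
    for name in entries {
        html.push_str(&format!("<li>{}</li>", escape_html(name)));
    }
    html.push_str("</ul>");
    html
}

fn main() {
    // Constructed sample: a path as it looks after percent-decoding, carrying harmless markup.
    let path = "/files/styles/<b id=\"probe\">";
    let entries = ["main.css", "a&b.css"];
    println!("{}", render_listing_raw(path, &entries));
    println!("{}", render_listing_escaped(path, &entries));
}
```

File names in the listing are escaped as well, since they are as much outside the template's control as the request path.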

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2026-22256
GHSA-RJF8-2WCW-F6MP

Affected Products

Salvo