CVE-2026-22867

Name of the Vulnerable Software and Affected Versions LaSuite Doc versions 3.8.0 through 4.3.0

Description LaSuite Doc is a collaborative note taking, wiki and documentation platform. A Stored Cross-Site Scripting (XSS) issue exists in the Interlinking feature. When a user creates a link to another document within the editor, the URL of that link is not validated. An attacker with document editing privileges can inject a malicious javascript: URL that executes arbitrary code when other users click on the link.

Recommendations Update LaSuite Doc to version 4.4.0.