PT-2026-3221 · Unknown · Lucy-Xss-Filter

Younghun Ko

Published

2026-01-16

Updated

2026-01-23

CVE-2026-23769

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions lucy-xss-filter versions prior to commit e5826c0

Description The software contains a flaw where an attacker can execute malicious JavaScript. This is due to improper sanitization resulting from misconfigured default superset rule files.

Recommendations Update to version e5826c0 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-23769

Affected Products

Lucy-Xss-Filter

PT-2026-3221 · Unknown · Lucy-Xss-Filter

CVE-2026-23769

Weakness Enumeration

Related Identifiers

Affected Products

References · 6