CVE-2026-24045

Name of the Vulnerable Software and Affected Versions Docmost versions prior to 0.25.0

Description Docmost is collaborative wiki and documentation software. The public share page functionality does not properly HTML-escape page titles before inserting them into meta tags and the title tag. This allows for Stored Cross-Site Scripting (XSS) attacks, enabling an attacker to execute arbitrary JavaScript in the context of any user who opens a shared page link.

Recommendations Update to version 0.25.0 or later.