CVE-2026-2266

🗓️ 10 Mar 2026 18:55:38Reported by GitHub_PType

GitHub Enterprise Server has a DOM-based cross-site scripting via task lists enabling injected HTML by authenticated attackers.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2026-2266	10 Mar 202618:55	–	attackerkb
CNNVD	GitHub Enterprise Server 安全漏洞	10 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-2266 Improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting via task list content and enabled arbitrary HTML injection	10 Mar 202618:55	–	cvelist
EUVD	EUVD-2026-10792	10 Mar 202621:32	–	euvd
EUVD	EUVD-2026-10793	10 Mar 202621:32	–	euvd
NVD	CVE-2026-2266	10 Mar 202620:16	–	nvd
OSV	CVE-2026-2266	10 Mar 202620:16	–	osv
Positive Technologies	PT-2026-24374	10 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-2266	26 Mar 202614:59	–	redhatcve
Vulnrichment	CVE-2026-2266 Improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting via task list content and enabled arbitrary HTML injection	10 Mar 202618:55	–	vulnrichment

NVD

Vulners

Node

github enterprise_serverRange<3.18.6

github enterprise_serverRange3.19.0–3.19.3

[
  {
    "vendor": "GitHub",
    "product": "Enterprise Server",
    "versions": [
      {
        "status": "affected",
        "version": "3.18.0",
        "lessThanOrEqual": "3.18.5",
        "changes": [
          {
            "at": "3.18.6",
            "status": "unaffected"
          }
        ],
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "3.19.0",
        "lessThanOrEqual": "3.19.2",
        "changes": [
          {
            "at": "3.19.3",
            "status": "unaffected"
          }
        ],
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
docs	www.docs.github.com/en/[email protected]/admin/release-notes
docs	www.docs.github.com/en/[email protected]/admin/release-notes

12 Mar 2026 18:43Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.4

CVSS 47.4

EPSS0.00034

SSVC

CWE-79