2 matches found
CVE-2026-28355
creationtimestamp| type| source ---|---|--- 2026-02-27 23:33:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfuuo7pufx2y...
CVE-2026-28355 "PWA" Canarytoken Vulnerable to Stored Self Cross-Site Scripting
Canarytokens help track activity and actions on a network. Versions prior to sha-7ff0e12 have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator can attack themselves or someone they share the link with. The creator of a PWA Canarytoken can inser...