2 matches found
CVE-2026-23630
creationtimestamp| type| source ---|---|--- 2026-01-22 01:14:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcxz3qaqqk2n...
CVE-2026-23630
Docmost is open-source collaborative wiki and documentation software. In versions 0.3.0 through 0.23.2, Mermaid code block rendering is vulnerable to stored Cross-Site Scripting XSS. The frontend can render attacker-controlled Mermaid diagrams using mermaid.render, then inject the returned SVG/HT...