CVE-2026-22674
Hashgraph Guardian prior to 3.5.0 is affected by a stored XSS vulnerability in the branding configuration API endpoint. The issue arises from unsanitized innerHTML in the branding service, allowing an authenticated user with the STANDARD_REGISTRY role to inject malicious scripts by submitting a c...