CVE-2026-12047 pgAdmin 4: HTML injection in cloud verify_credentials / deploy endpoints via unsanitised SDK exception text
HTML injection in pgAdmin 4's cloud deployment module. The verifycredentials, deploy, regions, and update-server endpoints under /rds/, /azure/, /google/, and the top-level /cloud/ blueprint propagated AWS / Azure / Google SDK exception text — and the related file-resolution and database-commit...