CVE-2026-25735
Rucio WebUI Identity Name contains a stored XSS vulnerability. Attacker-supplied input is persisted and later rendered without proper output encoding, enabling arbitrary JavaScript execution in the WebUI for affected users. This can potentially lead to session token theft or unauthorized actions....