EUVD-2026-16917

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...

CVE-2026-4995

wandb OpenUI up to version 1.0 is affected. The vulnerability targets the Window Message Event Handler in frontend/public/annotator/index.html, enabling cross-site scripting. Exploitation can be performed remotely, and the exploit has been publicly disclosed. The vendor was contacted early but di...

CVE-2026-4995 wandb OpenUI Window Message Event index.html cross site scripting

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...

OpenUI 代码注入漏洞

OpenUI is an open source UI program. A cross-site scripting vulnerability exists in OpenUI 1.0 and earlier versions. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the file frontend/public/annotator/index.html, which can be exploited by an...