23 matches found
EUVD-2026-25235
In hackage-server, user-controlled metadata from .cabal files are rendered into HTML href attributes without proper sanitization, enabling stored Cross-Site Scripting XSS attacks...