Lucene search
K

4 matches found

PyPA
PyPA
added 2026/06/23 1:16 p.m.7 views

PYSEC-2026-230

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing t...

6.1CVSS5.6AI score0.00195EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/23 1:16 p.m.12 views

CVE-2026-56263

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing t...

6.1CVSS0.00195EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 12:13 p.m.4 views

CVE-2026-56263 Crawl4AI - Stored Cross-Site Scripting in Monitor Dashboard

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing t...

5.3CVSS5.9AI score0.00421EPSS
Exploits0References5
CVE
CVE
added 2026/06/23 12:13 p.m.15 views

CVE-2026-56263

CVE-2026-56263 affects Crawl4AI prior to 0.8.7. A stored cross-site scripting vulnerability exists in the monitor dashboard where crawl URLs and error messages are rendered via innerHTML without escaping. An attacker could submit a crafted crawl request and, when an operator views the dashboard, ...

6.1CVSS5.7AI score0.00195EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder