3 matches found
CVE-2026-12811
creationtimestamp| type| source ---|---|--- 2026-06-22 02:11:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3motspf27gv2s...
CVE-2026-12811
A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The...
CVE-2026-12811
The CVE affects kortix-ai suna prior to 0.8.39, specifically the Auth Endpoint’s frontend component at apps/frontend/src/app/auth/page.tsx. The vulnerability stems from router.push/replace handling of the returnURL argument, enabling cross-site scripting. Exploitation is possible remotely and the...