2 matches found
CVE-2026-11326
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...
Simple:Press < 6.8.1 - Unauthenticated Stored XSS via Forum Replies
The plugin does not sanitise and escape the postitem parameter when posting a forum reply, which could allow unauthenticated users to perform Stored XSS attacks...