CVE-2026-34416
CVE-2026-34416 : OSCAL-GUI contains a reflected cross‑site scripting vulnerability. An unauthenticated attacker can craft a URL with unsanitized input in the project parameter of oscal.php, causing the input to break out of JavaScript string/HTML attribute context in the onload handler and execut...