PT-2026-21866
Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.54.1 Description The application reflects the UUID path parameter directly in the HTTP response body without HTML escaping in the RSS single-watch endpoint. Because Flask defaults to returning text/html f...