CVE-2025-31138 tarteaucitron.js allows UI manipulation via unrestricted CSS injection

tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where user-controlled inputs for element dimensions width and height were not properly validated. This allowed an attacker with direct access to the site's source code...