CVE-2026-27974
Audiobookshelf mobile app vulnerable to cross-site scripting (XSS) in all pre-0.12.0-beta versions. Malicious library metadata can execute JavaScript in victim WebViews when an attacker has library modification privileges or controls a malicious podcast RSS feed, potentially enabling session hija...