CVE-2026-24824

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java.

This issue affects yacy_search_server.

Vulnerability Details

Published Date

January 27, 2026

Last Modified

January 27, 2026

CWE ID

CWE-79

Source

NVD

Vendor

yacy

Product

yacy_search_server

External References

https://github.com/yacy/yacy_search_server/pull/722

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment