Back to CVE List

CVE-2026-44990

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.3 / 10

Vulnerability Description

Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`

Vulnerability Details

Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
sanitize-html

External References

Discussion (0)

Add Comment

No comments yet. Be the first!