Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Soledad: Malicious scripts can be injected into web pages
CVE-2026-27069
Summary
A security issue in Soledad allows attackers to inject malicious scripts into web pages, potentially allowing them to steal user data or take control of user sessions. This affects all versions of Soledad up to 8.7.2. To fix this, update to a newer version of Soledad as soon as possible.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through <...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through <= 8.7.2.
nvd CVSS3.1
6.5
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026