CVE-2026-21872 | zauberzeug nicegui up to 3.4.x ui.sub_pages cross site scripting (GHSA-m7j5-rq9j-6jj9)

A vulnerability, which was classified as problematic, was found in zauberzeug nicegui up to 3.4.x. This affects the function ui.sub_pages. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2026-21872. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More