CVE-2026-25500 | Rack up to 2.2.21/3.1.19/3.2.4 Rack::Directory cross site scripting

A vulnerability has been found in Rack up to 2.2.21/3.1.19/3.2.4 and classified as problematic. This vulnerability affects the function Rack::Directory. This manipulation causes cross site scripting.

This vulnerability is tracked as CVE-2026-25500. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More