CVE-2026-40927 | Docmost up to 0.79.x javascript URI cross site scripting (GHSA-4gv6-jw3v-wc34)

A vulnerability, which was classified as problematic, was found in Docmost up to 0.79.x. The affected element is an unknown function of the component javascript URI Handler. Executing a manipulation can lead to cross site scripting.

This vulnerability appears as CVE-2026-40927. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More