CVE-2026-41886 | locize up to 4.0.20 postMessage cross site scripting (GHSA-w937-fg2h-xhq2)

A vulnerability was found in locize up to 4.0.20. It has been classified as problematic. This issue affects some unknown processing of the component postMessage Handler. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2026-41886. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More