CVE-2026-45627 | getarcaneapp arcane up to 1.18.x URL /api/app-images/logo cross site scripting (GHSA-q2pj-8v84-9mh5)

A vulnerability was found in getarcaneapp arcane up to 1.18.x. It has been classified as problematic. This affects an unknown function of the file /api/app-images/logo of the component URL Handler. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2026-45627. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More