CVE-2026-55790 | Craft CMS up to 4.17.15/5.9.22 CraftSupport Widget cross site scripting (GHSA-24×4-j6x9-rfw5)

SecurityVulns

A vulnerability was found in Craft CMS up to 4.17.15/5.9.22. It has been classified as critical. The impacted element is an unknown function of the component CraftSupport Widget. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-55790. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More