CVE-2026-54163 | github secure_headers up to 7.2.x Content-Security-Policy Builder sandbox/plugin_types/report_to cross site scripting
A vulnerability was found in github secure_headers up to 7.2.x. It has been classified as problematic. This vulnerability affects the function build_sandbox_list_directive/build_media_type_list_directive/build_report_to_directive of the component Content-Security-Policy Builder. Performing a manipulation of the argument sandbox/plugin_types/report_to results in cross site scripting.
This vulnerability is known as CVE-2026-54163. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More