CVE-2026-27901 | sveltejs svelte up to 5.53.4 bind:innerText/bind:textContent cross site scripting (GHSA-phwv-c562-gvmh)

A vulnerability was found in sveltejs svelte up to 5.53.4 and classified as problematic. This affects an unknown function. Such manipulation of the argument bind:innerText/bind:textContent leads to cross site scripting.

This vulnerability is referenced as CVE-2026-27901. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More