CVE-2026-26272 | sysadminsmedia homebox 0.20.1/0.24.0 SVG File Parser cross site scripting (GHSA-55fv-9q6q-vpcr)

A vulnerability was found in sysadminsmedia homebox 0.20.1/0.24.0. It has been declared as problematic. The affected element is an unknown function of the component SVG File Parser. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-26272. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More