CVE-2026-6218 | aandrew-me ytDownloader up to 3.20.2 Error Details Panel createTextNode cross site scripting

A vulnerability described as problematic has been identified in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details Panel. The manipulation results in cross site scripting.

This vulnerability was named CVE-2026-6218. The attack may be performed from remote. There is no available exploit.

The vendor was contacted early about this disclosure.VulDB Recent EntriesRead More