CVE-2026-22704: HAXcms Has Stored XSS Vulnerability that May Lead to Account Takeover
Stored XSS Leading to Account Takeover
References
- github.com/advisories/GHSA-3fm2-xfq7-7778
- github.com/haxtheweb/haxcms-nodejs/commit/317a8ae29f88be389f7cfeffaef416957122d97e
- github.com/haxtheweb/haxcms-nodejs/releases/tag/v25.0.0
- github.com/haxtheweb/issues
- github.com/haxtheweb/issues/security/advisories/GHSA-3fm2-xfq7-7778
- nvd.nist.gov/vuln/detail/CVE-2026-22704
Code Behaviors & Features
Detect and mitigate CVE-2026-22704 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →