MEDIUM
shaarli
CVE published 2026-06-17
CVE-2026-48822
CVE-2026-48822 is a stored Cross-Site Scripting (XSS) vulnerability in Shaarli, a personal bookmarking service. The vulnerability affects versions 0.16.1 and prior and is caused by a flaw in the Markdown-to-HTML conversion process used in the Bookmark Description field. An authenticated user can inject a malicious javascript: URI inside a Markdown link, allowing for potential XSS attacks. The vulnerabilit [truncated]