GHSA-28vp-6rv7-m976HighCVSS 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...

Published
June 3, 2026
Last Modified
June 3, 2026

🔗 CVE IDs covered (1)

CVE-2025-15654

📋 Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fox-themes Prague allows Reflected XSS.

This issue affects Prague: from n/a through 2.2.8.

🔗 References (3)