Mirrors/astaruf-cve-2026-40487
1
0
Fork 0
mirror of https://github.com/Astaruf/CVE-2026-40487 synced 2026-06-08 08:25:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Lorenzo Anastasi
2026-04-22 21:37:23 +02:00
committed by GitHub
parent b3821bd03a
commit cf4fba64b2
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+3
View File
@@ -12,6 +12,8 @@ Discovered & reported by: [Astaruf](https://www.linkedin.com/in/lorenzoanastasi/
Full writeup: [https://nstsec.com/en/posts/postiz-xss-cve-2026-40487/](https://nstsec.com/en/posts/postiz-xss-cve-2026-40487/)
NVD entry: [https://nvd.nist.gov/vuln/detail/CVE-2026-40487](https://nvd.nist.gov/vuln/detail/CVE-2026-40487)
GHSA entry: [https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-44wg-r34q-hvfx](https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-44wg-r34q-hvfx)
CVE Record: [https://www.cve.org/CVERecord?id=CVE-2026-40487](https://www.cve.org/CVERecord?id=CVE-2026-40487)
@@ -288,6 +290,7 @@ Version 2.21.6 introduced three changes:
- [Full Astaruf writeup](https://nstsec.com/en/posts/postiz-xss-cve-2026-40487/)
- [CVE-2026-40487 - GHSA Security Advisory](https://github.com/gitroomhq/postiz-app/security/advisories)
- [CVE-2026-40487 - NVD entry](https://nvd.nist.gov/vuln/detail/CVE-2026-40487)
- [Postiz - Official Repository](https://github.com/gitroomhq/postiz-app)
- [Postiz v2.21.6 - Fix Release](https://github.com/gitroomhq/postiz-app/releases/tag/v2.21.6)
- [CWE-345: Insufficient Verification of Data Authenticity](https://cwe.mitre.org/data/definitions/345.html)