CVE-2026-41241

Source: nvd.nist.gov

Published:

<p>pretalx is a conference planning tool. Prior to 2026.1.0, The organiser in the pretalx backend rendered submission titles, speaker display names, and user names/emails into the result dropdown using innerHTML string interpolation. Any user who controls one of those fields (which includes any regi

Read original article