Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

CVE-2026-55779 XSS in archive admin restore

CVE-2026-55779 XSS in archive admin restore

Severity:
Medium (?)
Identifier:
CVE-2026-55779
Versions Affected:
< 3.2.1
Versions Fixed:
3.2.1
Release Date:
2026-06-24

It's possible to use the page title as an XSS vector when restoring a page in ArchiveAdmin

Base CVSS: 5.4
Reported by: Steve Boyd, Silverstripe Ltd.