GHSA-53rg-46cm-4g2vMediumCVSS 6.1

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor...

Published
June 23, 2026
Last Modified
June 23, 2026

🔗 CVE IDs covered (1)

📋 Description

Crawl4AI before 0.8.7 contains a stored cross-site scripting vulnerability in the monitor dashboard that renders crawl URLs and error messages via innerHTML without escaping. An attacker can submit a crafted crawl request with malicious markup that executes in an operator's browser when viewing the dashboard.

🔗 References (5)