GHSA-g3hf-77hr-rvcrMedium

Malicious HTML content could be injected into the email address of an order, which pretix showed...

Published
June 25, 2026
Last Modified
June 25, 2026

🔗 CVE IDs covered (1)

📋 Description

Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order.

🔗 References (3)