GHSA-hwmc-r6mf-jh83LowDisclosed before NVD

Schema.org has cross-site scripting (XSS) via script break-out in toScript() output

Published
July 1, 2026
Last Modified
July 1, 2026

📋 Description

Schema.org has a cross-site scripting (XSS) vulnerability via script break-out in toScript() output.

🎯 Affected products2

  • composer/spatie/schema-org:>= 3.23.1, < 3.23.2
  • composer/spatie/schema-org:>= 4.0.0, < 4.0.2

🔗 References (5)