CVE Catalog

CVE-2026-57534

LowCVSS 2.1
Published: Updated: Translated: NVD NIST

Summary

The pretix-pages plugin allows injection of malicious HTML content into a page's content. An attacker can exploit this vulnerability to place dangerous content on the page.

Risk Assessment

The risk involves the possibility of an XSS attack, which could lead to user data theft or session hijacking.

Recommendation

Update the pretix-pages plugin to the latest version that includes a fix for HTML injection.

Original NVD description (English source)

Malicious HTML content could be injected into the content of a page in the pretix-pages plugin.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS