Vulnerability CVE-2024-26466
Published: 2024-02-26

Description:
A DOM based cross-site scripting (XSS) vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL.

 References:
https://gist.github.com/cd80/8e41a17bc0c2113f6347581cec726d11
Copyright 2026, cxsecurity.com

 

Back to Top