CVE-2026-54002 - Kirby: Cross-site scripting (XSS) from incomplete HTML/XML sanitization in `Dom::sanitize()`
CVE ID :CVE-2026-54002 Published : July 9, 2026, 7:17 p.m. | 1 hour, 15 minutes ago Description :Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize(), Sane::sanitize(),...