Loading market data...
← Back to CVE feed

CVE-2026-13225

UNKNOWN View on NVD ↗

Description

Malicious HTML content could be injected into the email address of an order, which pretix showed without sanitization on the confirmation page for individual tickets in that order.

Published: Jun 25, 2026 15:16 UTC Modified: Jun 25, 2026 16:16 UTC