CVE-2026-41305 PostCSS has XSS via Unescaped </style> in its CSS Stringify Output
ATT&CK techniques detected
T1059.007JavaScript
70%
“cve - 2026 - 41305 postcss has xss via unescaped < / style > in its css stringify output you need to enable javascript to run this app.”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Information published.