Medium severity6.1NVD Advisory· Published Feb 26, 2024· Updated Jun 17, 2026
CVE-2024-26466
CVE-2024-26466
Description
A DOM based cross-site scripting (XSS) vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- wpt/web-platform-testsdescription
- Range: < 938e843
Patches
Vulnerability mechanics
References
1- gist.github.com/cd80/8e41a17bc0c2113f6347581cec726d11nvdThird Party Advisory
News mentions
0No linked articles in our index yet.