High severity7.1NVD Advisory· Published Mar 5, 2026· Updated Apr 23, 2026
CVE-2026-27352
CVE-2026-27352
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Starto starto allows Reflected XSS.This issue affects Starto: from n/a through < 2.2.5.
Affected products
1- Range: < 2.2.5
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.