Medium severity6.1NVD Advisory· Published Jun 2, 2026· Updated Jun 5, 2026
CVE-2026-35212
CVE-2026-35212
Description
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being rendered. Does require user interaction but could be exploited by someone sharing stix or any of the ingester. This could lead to CSRF and then large scale session theft. Version 7.260227.0 contains a fix.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <7.260227.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.