Published
2026-06-15 19:43
When viewing.a scheduled job the job name was not properly escaped when displayed
Security Risk
Moderately Critical
Vulnerability
Cross Site Scripting
Affected Versions
CiviCRM v6.15.2 and earlier
Fixed Versions
CiviCRM v6.15.3, v6.10.7 (ESR), and later
Publication Date
Solutions
Upgrade to the latest CiviCRM version
Credits
Lassi ((lassitemp@proton.me), Seamus Lee (JMA Consulting), Coleman Watts (CiviCRM)
