Published
2026-06-15 19:47
When viewing a grant or printing a list of grants the Grant type label and Grant Status labels were not properly escaped
Security Risk
Moderately Critical
Vulnerability
Cross Site Scripting
Affected Versions
CiviCRM v6.15.2 and earlier
Fixed Versions
CiviCRM v6.15.3, v6.10.7 (ESR), and later
Publication Date
Solutions
Upgrade to a fixed version of CiviCRM
Credits
Lassi (lassitemp@proton.me), Kevin Cristiano (Tadepole Collective) Seamus Lee (JMA Consulting)
