Published
2026-06-16 14:40
Security Risk
Moderately Critical
Vulnerability
Cross Site Scripting
Affected Versions
CiviCRM v6.15.2 and earlier
Fixed Versions
CiviCRM v6.15.3, v6.10.7 (ESR), and later
Publication Date
Solutions
Upgrade to a fixed version of CiviCRM
Credits
Tim Otten (CiviCRM), Coleman Watts (CiviCRM), Seamus Lee (JMAConsulting), Kevin Cristiano (Tadepole Collective)
