Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

#3ba556a3-57d7-4c5d-b460-9d6daa180ee1

Security Advisories

Reported CVEsVendorsProductsReports
1Vulnerabilities found
CVE-2026-3327
Assigner-3ba556a3-57d7-4c5d-b460-9d6daa180ee1
ShareView Details
Assigner-3ba556a3-57d7-4c5d-b460-9d6daa180ee1
CVSS Score-4.8||MEDIUM
EPSS-Not Assigned
Published-27 Feb, 2026 | 14:09
Updated-27 Feb, 2026 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated DatoCMS Web Previews Plugin Iframe Injection

Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enabling the loading of arbitrary external resources or origins. This issue affects Web Previews < v1.0.31.

Action-Not Available
Vendor-DatoCMS
Product-Web Previews
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')