CVE-2026-50883

CRITICAL

matze wastebin 3.4.1 - HTML Injection in /src/highlight.rs

Title source: llm

Description

An HTML injection vulnerability in the /src/highlight.rs component of matze wastebin v3.4.1 allows attackers to execute arbitrary scripts via a crafted payload.

References (1)

Core 1

Core References

https://gist.github.com/pyuysig/eb74ae37c49d0383bedc08881c2493c4

Scores

CVSS v3 9.6

EPSS 0.0037

EPSS Percentile 29.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-79

Status published

Published Jun 15, 2026

Tracked Since Jun 16, 2026