A vulnerability, which was classified as problematic , has been found in hackage-server . The impacted element is an unknown function of the component cabal File Handler . Performing a manipulation results in cross site scripting. This vulnerability is reported as CVE-2026-40472 . The attack is possible to be carried out remotely. No exploit exists.