A vulnerability was found in brian-ruf OSCAL-GUI . It has been rated as problematic . Impacted is an unknown function of the component URL Handler . This manipulation causes cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2026-34416 . The attack can be initiated remotely. There is not any exploit available. It is recommended to apply a patch to fix this issue.