A vulnerability was found in apostrophecms apostrophe up to 4.29.0 . It has been rated as problematic . Affected by this issue is some unknown functionality of the component User Display Name Handler . The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2026-45014 . The attack can be initiated remotely. There is not any exploit available.