A vulnerability classified as problematic has been found in Plane CE 1.3.1 . The impacted element is an unknown function. This manipulation of the argument description_html causes cross site scripting. The identification of this vulnerability is CVE-2026-10850 . It is possible to initiate the attack remotely. There is no exploit available.