A vulnerability described as problematic has been identified in Cotonti 1.0.0 . This vulnerability affects the function htmlspecialchars of the file modules/pfs/inc/pfs.main . Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-55746 . The attack may be performed from remote. There is no available exploit. It is advisable to implement a patch to correct this issue.