A vulnerability was found in pgAdmin 4 up to 9.15 . It has been declared as problematic . This affects an unknown part of the file /rds/verify_credentials of the component Backend . Such manipulation of the argument errormsg leads to cross site scripting. This vulnerability is listed as CVE-2026-12047 . The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.