CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs Jun 21, 2026

CVE-2026-12811 | kortix-ai suna up to 0.8.38 Auth Endpoint page.tsx router.replace/router.push returnURL cross site scripting

VulDB Archived Jun 21, 2026 ! Full text unavailable

A vulnerability categorized as problematic has been discovered in kortix-ai suna up to 0.8.38 . Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint . Executing a manipulation of the argument returnURL can lead to cross site scripting. The identification of this vulnerability is CVE-2026-12811 . The attack may be launched remotely. Furthermore, there is an exploit available. It is advisable to upgrade the

Full text unavailable — view original
✦ AI Summary · Claude Sonnet


    Full text unavailable.
    Open original ↗
    💬 Team Notes
    Article Info
    Source
    VulDB
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    Jun 21, 2026
    Archived
    Jun 21, 2026
    Full Text
    ✗ Not available
    Open Original ↗