A vulnerability was found in withastro astro up to 6.3.2 . It has been rated as problematic . The affected element is an unknown function. The manipulation of the argument data-astro-template leads to basic cross site scripting. This vulnerability is referenced as CVE-2026-50146 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.