What is the CVSS score of CVE-2026-24045?

CVE-2026-24045 has a CVSS 3.1 base score of 7.3 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Docmost are affected by CVE-2026-24045?

Docmost versions before 0.25.0 contain a stored cross-site scripting (XSS) vulnerability in public share pages that allows attackers to inject malicious code through unescaped page titles.. A patch is available.

Is there a public PoC exploit available for CVE-2026-24045?

Yes, a public proof-of-concept exploit is available for CVE-2026-24045. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-24045?

Within 24 hours: Inventory all Docmost deployments and identify instances running versions before 0.25.0. Restrict public share page access if operationally feasible. Within 7 days: Apply vendor patch to upgrade all affected instances to version 0.25.0 or later, prioritizing production environments. Within 30 days: Conduct security audit of all public shares created during the vulnerability window for signs of exploitation.

Docmost CVE-2026-24045

HIGH

Cross-site Scripting (XSS) (CWE-79)

2026-02-10 security-advisories@github.com

XSS Docmost

7.3

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

7.3 HIGH

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

PoC Detected

Feb 25, 2026 - 15:04 vuln.today

Public exploit code

Patch released

Feb 25, 2026 - 15:04 nvd

Patch available

CVE Published

Feb 10, 2026 - 18:16 nvd

HIGH 7.3

DescriptionGitHub Advisory

Docmost is open-source collaborative wiki and documentation software. From g and before 0.25.0, the public share page functionality in Docmost does not properly HTML-escape page titles before inserting them into meta tags and the title tag. This allows Stored Cross-Site Scripting (XSS) attacks, where an attacker can execute arbitrary JavaScript in the context of any user who opens a shared page link. This vulnerability is fixed in 0.25.0.

AnalysisAI

Stored XSS in Docmost before version 0.25.0 allows authenticated attackers to inject malicious scripts into public share page titles that execute when victims visit shared links, compromising user sessions and data. The vulnerability stems from improper HTML escaping of page titles in meta and title tags, and public exploit code is available. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Create document with malicious title containing JavaScript

Exploit

Share page publicly

Execution

Victim opens shared link

Impact

XSS payload executes in victim browser