Photobooth CVE-2026-27020
Lifecycle Timeline
2DescriptionCVE.org
Photobooth prior to 1.0.1 has a cross-site scripting (XSS) vulnerability in user input fields. Malicious users could inject scripts through unvalidated form inputs. This vulnerability is fixed in 1.0.1.
AnalysisAI
Photobooth prior to 1.0.1 has a cross-site scripting (XSS) vulnerability in user input fields. Malicious users could inject scripts through unvalidated form inputs.
Technical ContextAI
Classified as CWE-79 (Cross-site Scripting (XSS)). Affects Photobooth. Photobooth prior to 1.0.1 has a cross-site scripting (XSS) vulnerability in user input fields. Malicious users could inject scripts through unvalidated form inputs. This vulnerability is fixed in 1.0.1.
Affected ProductsAI
Product: Photobooth. Versions: up to 1.0.1.
RemediationAI
Fixed in version 1.0.1.. Implement output encoding and Content Security Policy headers.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today