Skip to main content

Pretix Pages

1 CVEs product

Monthly

CVE-2026-57534 LOW PATCH Monitor

HTML injection in the pretix-pages plugin for Pretix event ticketing software permits a high-privileged authenticated user to embed malicious HTML tags into plugin-rendered page content, which subsequently executes in the browsers of site visitors who view those pages. All tracked versions under cpe:2.3:a:pretix:pretix-pages are affected, with a vendor-released fix published 2026-06-25 in Pretix release 2026.5.2. No public exploit code or active exploitation has been identified at time of analysis.

XSS Pretix Pages
NVD
CVSS 4.0
2.1
EPSS
0.3%
EPSS 0% CVSS 2.1
LOW PATCH Monitor

HTML injection in the pretix-pages plugin for Pretix event ticketing software permits a high-privileged authenticated user to embed malicious HTML tags into plugin-rendered page content, which subsequently executes in the browsers of site visitors who view those pages. All tracked versions under cpe:2.3:a:pretix:pretix-pages are affected, with a vendor-released fix published 2026-06-25 in Pretix release 2026.5.2. No public exploit code or active exploitation has been identified at time of analysis.

XSS Pretix Pages
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy