| Summary | Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e. |
|---|---|
| Publication Date | June 24, 2026, 10:16 p.m. |
| Registration Date | June 27, 2026, 4:18 a.m. |
| Last Update | June 26, 2026, 4:52 a.m. |