CVE-2026-40451

Published April 22nd, 2026

View on NVD ↗

CVSS v3

N/A

CVSS v2

N/A

Affected

PROJECT

Description

DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user.

DeepLcom/deepl-chrome-extension

GitHub