CVE-2026-21768

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published Jun 19, 2026

Vendor unknown

Description

The compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed in certain situations.

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130866