CVE-2026-54477

MEDIUM

The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.