[HIGH] Kirby CMS vulnerable to cross-site scripting (XSS) from list field content in the site frontend

PKSA-g7d2-4qf5-mg45 CVE-2026-44175 GHSA-5fhx-9q32-q257

Affected package: getkirby/cms

Affected version: >=5.0.0,<=5.4.0|<=4.9.0

Reported by:
GitHub