CVE-2026-48999 — Attackers carefully craft malicious scripts, such as JavaScript, and inject them into target systems; when other users access pages containing such malicious content, the scripts are automatically loa — CVE Database · The Intelligence Room