54 matches found
CVE-2026-56353
n8n contains an authentication bypass in the Chat Trigger node when configured with n8n User Auth a non-default configuration. In affected releases — before 1.123.22, the 2.0.0 through 2.9.2 line, and 2.10.0 — the authentication check on the Chat Trigger webhook endpoint can be circumvented,...
EUVD-2026-44626
n8n contains an authentication bypass in the Chat Trigger node when configured with n8n User Auth a non-default configuration. In affected releases — before 1.123.22, the 2.0.0 through 2.9.2 line, and 2.10.0 — the authentication check on the Chat Trigger webhook endpoint can be circumvented,...
EUVD-2026-40444
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...
CVE-2026-56356
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...
CVE-2026-56356
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...
CVE-2026-56356 n8n - Stored Cross-Site Scripting in Chat Trigger Node Custom CSS Field
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...
CVE-2026-56356
Summary: CVE-2026-56356 affects n8n’s Chat Trigger node Custom CSS field, where a misconfiguration of the sanitize-html library allows stored XSS. Affected versions: before 1.123.27; 2.0.0–2.13.2; 2.14.0. Impact: an authenticated user with workflow creation/modification rights can inject JavaScri...
CVE-2026-56356 n8n - Stored Cross-Site Scripting in Chat Trigger Node Custom CSS Field
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...
PT-2026-54040
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.27 n8n versions 2.0.0 through 2.13.2 n8n version 2.14.0 Description A stored cross-site scripting issue exists in the Chat Trigger node's Custom CSS field caused by a misconfiguration of the sanitize-html library. A...
Cross-site Scripting (XSS)
Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the webhookId parameter in the Chat Trigger node. An attacker can execute arbitrary JavaScript in the context of another user's session by injecting malicious code, which is the...
CVE-2026-54302
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...
CVE-2026-54302
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...
CVE-2026-54302 n8n: Stored XSS in Chat Trigger Node
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...
EUVD-2026-38477
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...
CVE-2026-54302
CVE-2026-54302 — n8n: Stored XSS in Chat Trigger Node . An authenticated user with workflow edit access could inject JavaScript into the Chat Trigger page by setting a malicious webhookId. When a logged-in user visited the chat URL, the code executed in the n8n origin under that user’s session. A...
CVE-2026-54302 n8n: Stored XSS in Chat Trigger Node
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...
n8n: Stored XSS in Chat Trigger Node
Impact An authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the injected code executed in the n8n origin with that user's session privileges. Patches T...
NPM: n8n: Stored XSS in Chat Trigger Node
NPM: n8n: Stored XSS in Chat Trigger Node vulnerability discovered by ? in WordPress Npm n8n versions 1.123.55...
CVE-2026-42228
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated...
n8n 安全漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained security vulnerabilities. These vulnerabilities stemmed from the /chatWebSocket endpoint in the Chat Trigger node’s Hosted Chat feature, which did not verify...