23 matches found
CVE-2026-56356 n8n - Stored Cross-Site Scripting in Chat Trigger Node Custom CSS Field
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through 2.13.2 line, and 2.14.0 fixed in 1.123.27, 2.13.3, and 2.14.1. An authenticat...
CVE-2026-56358
n8n before 1.123.25 1.x and before 2.11.2 2.x, with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in the Form Trigger node's CSS sanitization that allows authenticated users to inject malicious scripts. Attackers with workflow creation permissions can injec...
EUVD-2026-38754
n8n before 1.123.25 1.x and before 2.11.2 2.x, with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in the Form Trigger node's CSS sanitization that allows authenticated users to inject malicious scripts. Attackers with workflow creation permissions can injec...
CVE-2026-56358 n8n - Stored Cross-Site Scripting in Form Trigger Node
n8n before 1.123.25 1.x and before 2.11.2 2.x, with the fix also included in 2.12.0, contains a stored cross-site scripting vulnerability in the Form Trigger node's CSS sanitization that allows authenticated users to inject malicious scripts. Attackers with workflow creation permissions can injec...
Cross-site Scripting (XSS)
Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the webhookId parameter in the Chat Trigger node. An attacker can execute arbitrary JavaScript in the context of another user's session by injecting malicious code, which is the...
CVE-2026-54302 n8n: Stored XSS in Chat Trigger Node
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...
n8n: Stored XSS in Chat Trigger Node
Impact An authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the injected code executed in the n8n origin with that user's session privileges. Patches T...
Cross-site Scripting (XSS)
Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Custom CSS field in the Chat Trigger node due to improper sanitization in the sanitize-html library. An authenticated user with permission to create or modify workflows and...
GHSA-Q4FM-PJQ6-M63G n8n has a Stored XSS Vulnerability in its Form Trigger
Impact An authenticated user with permission to create or modify workflows could exploit a flaw in the Form Trigger node's CSS sanitization to store a cross-site scripting XSS payload. The injected script executes persistently for every visitor of the published form, enabling form submission...
PT-2026-51782
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.25 n8n versions prior to 2.11.2 Description An authenticated user with permissions to create or modify workflows can exploit a flaw in the CSS sanitization of the Form Trigger node to store a cross-site scripting XS...
GHSA-38C7-23HJ-2WGQ n8n has Webhook Forgery on Zendesk Trigger Node
Impact An attacker who knows the webhook URL of a workflow using the ZendeskTrigger node could send unsigned POST requests and trigger the workflow with arbitrary data. The node does not verify the HMAC-SHA256 signature that Zendesk attaches to every outbound webhook, allowing any party to inject...
n8n has Webhook Forgery on Zendesk Trigger Node
Impact An attacker who knows the webhook URL of a workflow using the ZendeskTrigger node could send unsigned POST requests and trigger the workflow with arbitrary data. The node does not verify the HMAC-SHA256 signature that Zendesk attaches to every outbound webhook, allowing any party to inject...
CVE-2026-27578
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts into pages rendered by the n8n application using different techniques on various nodes Form Trigger...
CVE-2026-27578 n8n Vulnerable to Stored XSS via Various Nodes
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts into pages rendered by the n8n application using different techniques on various nodes Form Trigger...
Authentication Bypass
n8n is vulnerable to Authentication Bypass. The vulnerability is due to missing verification of Stripe webhook signatures in the Stripe Trigger node, which allows an attacker to send forged webhook requests and trigger workflows as if they were legitimate Stripe events...
CVE-2026-21894
n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stri...
CVE-2026-21894 n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks
n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stri...
n8n 安全漏洞
n8n is a scalable workflow automation tool from n8n open source. A security vulnerability exists in n8n versions 0.150.0 through prior to 2.2.2 that stems from an authentication bypass in the Stripe Trigger node, which could result in an unauthenticated party triggering a workflow...
GHSA-JF52-3F2H-H9J5 n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks
Impact An authentication bypass in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stripe webhook signing secret when registering the webhook endpoint, but incoming webhook requests were n...
n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks
Impact An authentication bypass in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stripe webhook signing secret when registering the webhook endpoint, but incoming webhook requests were n...