11 matches found
CVE-2026-25051
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...
GHSA-825Q-W924-XHGX n8n's Improper CSP Enforcement in Webhook Responses May Allow Stored XSS
Impact A Cross-site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to isolate HTML responses may not be applied correctly. An authenticated user...
CVE-2026-25051
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...
CVE-2026-25051 n8n Improper CSP Enforcement in Webhook Responses May Allow Stored XSS
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...
CVE-2026-25051 n8n Improper CSP Enforcement in Webhook Responses May Allow Stored XSS
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...
EUVD-2026-5420
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...
CVE-2026-25051
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...
CVE-2026-25051
CVE-2026-25051 affects n8n (open source workflow automation). The issue is an XSS in the handling of webhook responses and related HTTP endpoints where CSP sandbox protection may not be applied under certain conditions. An authenticated user with permission to create/modify workflows could abuse ...
n8n 跨站脚本漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of Webhook responses and HTTP endpoints, potentially leading to cross-site scripting attack...
PT-2026-6391
Impact A Cross-site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to isolate HTML responses may not be applied correctly. An authenticated user...
PT-2026-6260
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.2 Description n8n is a workflow automation platform. A Cross-Site Scripting XSS issue exists in the handling of webhook responses and related HTTP endpoints. The Content Security Policy CSP sandbox protection may no...