Lucene search
+L

Cross-site Scripting (XSS)

🗓️ 24 Jun 2026 15:18:25Reported by Snyk Security DatabaseType 
snyk
 snyk
🔗 security.snyk.io👁 8 Views

XSS in n8n through Respond to Webhook path enabling attacker controlled binary content and Content Type.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-54301
23 Jun 202615:44
attackerkb
CVE
CVE-2026-54301
23 Jun 202615:44
cve
Cvelist
CVE-2026-54301 n8n: Same-Origin XSS in Respond to Webhook Node
23 Jun 202615:44
cvelist
EUVD
EUVD-2026-38475
23 Jun 202615:44
euvd
Github Security Blog
n8n: Same-Origin XSS in Respond to Webhook Node
16 Jun 202619:00
github
NCSC
Vulnerabilities handled in the n8n workflow automation platform
29 Jun 202608:02
ncsc
NVD
CVE-2026-54301
23 Jun 202617:17
nvd
OSV
CVE-2026-54301 n8n: Same-Origin XSS in Respond to Webhook Node
23 Jun 202615:44
osv
OSV
GHSA-V733-MWR6-FGCM n8n: Same-Origin XSS in Respond to Webhook Node
16 Jun 202619:00
osv
OSV
MINI-HHF9-42WC-2657
17 Jun 202616:23
osv
Rows per page
Vulners
Node
OR
n8nn8nRange<1.123.55
n8nn8nRange2.0.0-rc.02.25.7
n8nn8nRange2.26.02.26.2

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

24 Jun 2026 15:18Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.15.4 - 6.3
CVSS 47
EPSS0.00216
SSVC
8