Vulnerability Description
MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability that allows authenticated users to inject arbitrary HTML and JavaScript into the Application prologue (Opening Remarks) field by wrapping malicious payloads in <html_rander> tags. The backend fails to sanitize or encode HTML entities in the prologue field when applications are created or updated via the /admin/api/workspace/{workspace_id}/application endpoint, storing the raw payload directly in the database. The frontend then renders this content using an innerHTML-equivalent mechanism, trusting <html_rander>-wrapped content to be safe, which enables persistent DOM-based Stored XSS execution against any visitor who opens the affected chatbot interface. Exploitation can lead to session hijacking, unauthorized actions performed on behalf of victims (such as deleting workspaces or applications), and sensitive data exposure. This issue has been fixed in version 2.8.0.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Maxkb | Maxkb | < 2.8.0 |
Related Weaknesses (CWE)
References
- https://github.com/1Panel-dev/MaxKB/releases/tag/v2.8.0Release Notes
- https://github.com/1Panel-dev/MaxKB/security/advisories/GHSA-3rq5-pgm7-pvp4Vendor Advisory
FAQ
What is CVE-2026-39425?
CVE-2026-39425 is a vulnerability with a CVSS score of 5.4 (MEDIUM). MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a Stored Cross-Site Scripting (XSS) vulnerability that allows authenticated users to inject arbitrary HTML and Jav...
How severe is CVE-2026-39425?
CVE-2026-39425 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-39425?
Check the references section above for vendor advisories and patch information. Affected products include: Maxkb Maxkb.