CVE-2024-40626

Source
https://cve.org/CVERecord?id=CVE-2024-40626
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40626.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-40626
Aliases
  • GHSA-888c-mvg8-v6wh
Published
2024-07-16T17:03:39.883Z
Modified
2026-04-10T05:15:24.620494Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Summary
Stored Cross-site Scripting (XSS) vulnerability in Outline editor
Details

Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other users view this document, the malicious JavaScript can execute in the origin of Outline. Outline includes CSP rules to prevent third-party code execution; however, in the case of self-hosting with file storage on the same domain as Outline, a malicious payload can be uploaded as a file attachment and bypass those CSP restrictions. This issue has been addressed in release version 0.77.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/40xxx/CVE-2024-40626.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-79"
    ]
}
References

Affected packages

Git / github.com/outline/outline

Affected ranges

Type
GIT
Repo
https://github.com/outline/outline
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

0.*
0.1.0
0.16.0
0.39.0
v0.*
v0.13.1
v0.13.2
v0.13.3
v0.13.4
v0.13.5
v0.14.0
v0.15.0
v0.15.1
v0.16.1
v0.16.2
v0.16.3
v0.17.0
v0.18.0
v0.19.0
v0.19.1
v0.2.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.23.0
v0.24.0
v0.25.0
v0.26.0
v0.27.0
v0.28.0
v0.29.0
v0.3.0
v0.3.1
v0.30.0
v0.31.0
v0.32.0
v0.33.0
v0.34.0
v0.35.0
v0.36.0
v0.36.1
v0.37.0
v0.38.0
v0.38.1
v0.39.0
v0.4.0
v0.40.0
v0.40.1
v0.40.2
v0.41.0
v0.42.0
v0.42.1
v0.42.2
v0.43.0
v0.43.1
v0.43.2
v0.43.3
v0.44.0
v0.45.0
v0.46.0
v0.48.0
v0.48.1
v0.49.0
v0.5.0
v0.50.0
v0.51.0
v0.52.0
v0.53.0
v0.53.1
v0.54.0
v0.55.0
v0.56.0
v0.57.0
v0.58.0
v0.59.0
v0.6.0
v0.6.1
v0.60.0
v0.60.1
v0.61.0
v0.62.0
v0.63.0
v0.64.0
v0.64.1
v0.64.2
v0.64.3
v0.65.0
v0.65.1
v0.66.0
v0.67.0
v0.67.0-pre.1
v0.67.1
v0.67.2
v0.69.0
v0.69.1
v0.7.0
v0.70.0
v0.70.1
v0.70.2
v0.71.0
v0.72.0
v0.73.0
v0.73.1
v0.75.0
v0.75.1
v0.75.2
v0.76.0
v0.76.0-0
v0.76.0-1
v0.76.0-2
v0.76.1
v0.76.2-0
v0.77.0
v0.77.1
v0.77.2
v0.8.0
v0.8.1
v0.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40626.json"