GHSA-2ww6-868g-2c56
Suggest an improvement- Source
- https://github.com/advisories/GHSA-2ww6-868g-2c56
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-2ww6-868g-2c56/GHSA-2ww6-868g-2c56.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-2ww6-868g-2c56
- Aliases
-
- CVE-2026-32040
- Downstream
- Published
- 2026-03-03T18:30:39Z
- Modified
- 2026-03-30T13:32:22.044863Z
- Severity
-
- 4.6 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- 2.4 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N CVSS Calculator
- Summary
- OpenClaw Vulnerable to HTML injection via unvalidated image MIME type in data-URL interpolation
- Details
-
Summary
The HTML session exporter (
src/auto-reply/reply/export-html/template.js) interpolatesimg.mimeTypedirectly into<img src="data:...">attributes without validation or escaping. A craftedmimeTypevalue (e.g.,x" onerror="alert(1)) can break out of the attribute context and execute arbitrary JavaScript.Impact
An attacker who can control image entries in session data (via crafted tool results or session manipulation) can achieve XSS when the exported HTML is opened. The precondition is tighter than the main XSS finding (requires image content blocks with a malicious mimeType), but exploitation is straightforward.
Affected components
src/auto-reply/reply/export-html/template.js— line 1032 (tool result images), line 1306 (user message images)
Reproduction
- Craft a session entry with an image content block where
mimeTypeis set toimage/png" onerror="alert(document.domain) - Export the session to HTML
- Open the exported HTML — the injected
onerrorfires
Remediation
- Added
sanitizeImageMimeType()helper that validates mimeType against a whitelist of known image MIME types - Falls back to
application/octet-streamfor unrecognized values, preventing attribute breakout
Fix
https://github.com/openclaw/openclaw/pull/24140
- Database specific
{ "cwe_ids": [ "CWE-79" ], "github_reviewed": true, "nvd_published_at": "2026-03-19T22:16:40Z", "severity": "LOW", "github_reviewed_at": "2026-03-03T18:30:39Z" }- References
-
- https://github.com/openclaw/openclaw/security/advisories/GHSA-2ww6-868g-2c56
- https://nvd.nist.gov/vuln/detail/CVE-2026-32040
- https://github.com/openclaw/openclaw/pull/24140
- https://github.com/openclaw/openclaw/commit/f3adf142c195000cbde31200626a1d8c8b716df9
- https://github.com/openclaw/openclaw
- https://www.vulncheck.com/advisories/openclaw-html-injection-via-unvalidated-image-mime-type-in-data-url-interpolation
Affected packages
npm / openclaw
Package
- Name
- openclaw
- View open source insights on deps.dev
- Purl
- pkg:npm/openclaw