Severity by source
AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionGitHub Advisory
Summary
A stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML without sanitization. In the web UI this allows script execution in another user's browser; in the Electron desktop app this can escalate to local code execution because Electron is configured with nodeIntegration: true and contextIsolation: false.
Details
The issue is in the icon rendering path:
packages/web/src/icons/FontIcon.svelte- treats any icon string starting with
<svgas inline SVG - renders it with
{@html iconValue}without sanitization packages/api/src/controllers/apps.js- loads app definitions from disk and returns
applicationIconto clients unchanged packages/web/src/appobj/DatabaseAppObject.svelte- passes
applicationIconintoadditionalIcons packages/web/src/appobj/AppObjectCore.svelte- renders those icons through
<FontIcon icon={ic.icon}>
This makes applicationIcon a stored XSS sink.
An attacker who can create or modify an app definition can store a payload in applicationIcon. When another user views a matching database/app entry, the payload executes in that user's session.
The impact is especially severe in Electron desktop because:
app/src/electron.jsnodeIntegration: truecontextIsolation: false
With that configuration, JavaScript gained through XSS can access Node/Electron APIs, making local code execution possible.
PoC
This was reproduced by creating an app definition with a malicious applicationIcon and making it match a visible database.
Example payload:
{
"applicationName": "XSS PoC",
"applicationIcon": "<svg xmlns=\"http://www.w3.org/2000/svg\" width=\"18\" height=\"18\"><circle cx=\"9\" cy=\"9\" r=\"8\" fill=\"red\"/></svg><img src=x onerror=\"alert('xss-fired')\">",
"usageRules": [
{
"serverHostsList": ["postgres"],
"databaseNamesList": ["dbgate"]
}
]
}After saving this app definition and opening the UI where the matching database/app icon is rendered, the JavaScript executes.
RCE In Electron app:
- Prepare an attacker-controlled application JSON file with a malicious
applicationIconvalue. - Set
usageRulesso the application matches a database the victim is likely to view. - Example payload:
{
"applicationName": "XSS PoC",
"applicationIcon": "<svg xmlns=\"http://www.w3.org/2000/svg\" width=\"18\" height=\"18\"><circle cx=\"9\" cy=\"9\" r=\"8\" fill=\"red\"/></svg><img src=x onerror=\"require('fs').writeFileSync(require('path').join(process.cwd(),'xss-rce-poc.txt'),'poc')\">",
"usageRules": [
{
"serverHostsRegex": ".*",
"databaseNamesRegex": ".*"
}
]
}- Deliver this JSON file to the victim as an application definition file.
- The victim imports or saves the file into DbGate's apps storage, for example by opening/creating an application file and saving the attacker-controlled JSON content.
- DbGate later loads that app definition through apps/get-all-apps.
- When the victim opens a UI view that renders the matching database/application icon, the applicationIcon value is passed into FontIcon.
- FontIcon detects that the string starts with <svg and renders it via raw {@html}.
- The injected HTML executes in the Electron renderer process.
- Because DbGate Desktop uses nodeIntegration: true and contextIsolation: false, the payload can access Node APIs and write the marker file xss-rce-poc.txt
This demonstrates that a malicious saved application JSON file can become stored XSS in the UI and escalate to local code execution in Electron.
Impact
Web app If an attacker can place a malicious application definition where another user will load it, arbitrary JavaScript executes in the victim's browser session. This can lead to token theft, session hijacking, and performing privileged actions as the victim inside DbGate.
Electron desktop app In the desktop app, the impact is more severe because the Electron renderer is configured with nodeIntegration: true and contextIsolation: false. If a victim imports or saves a malicious application definition and later opens a UI view that renders the icon, the XSS can access Node/Electron APIs and may result in local code execution on the victim machine.
AnalysisAI
Stored XSS in DbGate npm package escalates to remote code execution in Electron desktop app via unsanitized SVG icon rendering. Attackers who inject malicious SVG payloads into application definition files can execute arbitrary JavaScript when victims view matching database entries. In the Electron desktop client, insecure configuration (nodeIntegration: true, contextIsolation: false) allows XSS payloads to invoke Node.js APIs, enabling local code execution including file system access. Web depl
Technical ContextAI
DbGate is an open-source database management tool distributed as both a web application (pkg:npm/dbgate-web) and Electron desktop client. The vulnerability stems from improper neutralization of input (CWE-79) in the icon rendering pipeline. The Svelte component FontIcon.svelte uses the {@html} directive to render SVG strings without DOMPurify or equivalent sanitization. Application definitions containing the applicationIcon field are loaded from disk by packages/api/src/controllers/apps.js and passed through DatabaseAppObject.svelte and AppObjectCore.svelte components before reaching FontIcon. Any string beginning with '<svg' triggers raw HTML rendering, creating a stored XSS sink. The Electron desktop app exacerbates this by configuring BrowserWindow with nodeIntegration: true and contextIsolation: false in app/src/electron.js, violating Electron security best practices. This configuration grants renderer processes direct access to Node.js require(), enabling XSS payloads to invoke fs, child_process, and other Node modules for arbitrary code execution on the host operating system.
RemediationAI
Apply the vendor-released patch immediately by upgrading to DbGate versions incorporating commit a7d2ed11f3f3d4dfb5d2e4e5467dedafa5fa947e or later from the official GitHub repository at github.com/dbgate/dbgate. The patch likely implements SVG sanitization in FontIcon.svelte using DOMPurify or equivalent HTML sanitization library, and may reconfigure Electron to disable nodeIntegration and enable contextIsolation per Electron security best practices. Until patching is complete, implement defense-in-depth mitigations: restrict file system permissions so only trusted administrators can place application definition JSON files in DbGate's apps storage directories, disable or carefully audit any application import features accessible to untrusted users, and for web deployments implement Content Security Policy headers to limit inline script execution. Electron desktop users should consider running DbGate in sandboxed environments or under restricted user accounts until the patch is applied. Review application definition files for unexpected SVG or HTML content in applicationIcon fields. Full technical details and proof-of-concept are documented in the GitHub Security Advisory at github.com/dbgate/dbgate/security/advisories/GHSA-35xm-qvjg-8m42 and patch commit github.com/dbgate/dbgate/commit/a7d2ed11f3f3d4dfb5d2e4e5467dedafa5fa947e.
More in PostgreSQL
View allPostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re
Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin
Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18472
GHSA-35xm-qvjg-8m42