Skip to main content

Mage AI EUVDEUVD-2026-34971

| CVE-2026-11436 LOW
Cross-site Scripting (XSS) (CWE-79)
2026-06-06 cna@vuldb.com GHSA-22m6-jvxh-3cc5
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 06, 2026 - 16:31 vuln.today

DescriptionCVE.org

A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mage_ai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirect_url results in cross site scripting. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Reflected cross-site scripting in Mage AI's sign-in flow (versions up to and including 0.9.79) allows unauthenticated remote attackers to inject and execute arbitrary JavaScript in a victim's browser by manipulating the query.redirect_url parameter passed to the useMutation hook in the SignForm component. A public proof-of-concept exploit exists (referenced via GitHub gist), elevating real-world risk despite the low CVSS 4.0 score of 2.1. The vendor was notified prior to disclosure but did not respond, meaning no patch is currently available.

Technical ContextAI

The vulnerable code resides in the React frontend component at mage_ai/frontend/components/Sessions/SignForm/index.tsx, specifically within the useMutation hook that handles authentication flow logic. CWE-79 (Improper Neutralization of Input During Web Page Generation) identifies the root cause: user-supplied input from the query.redirect_url URL parameter is reflected into the rendered page without adequate sanitization or encoding. This is a classic open-redirect-to-XSS pattern common in login flows where the redirect destination is passed as a query parameter and interpolated into JavaScript or HTML context post-authentication. The vulnerability exists in the JavaScript/TypeScript frontend layer of Mage AI, an open-source data pipeline and ML orchestration platform. No CPE string was provided in the source data; the affected software is identifiable by its GitHub repository and version constraint of <= 0.9.79.

RemediationAI

No vendor-released patch has been identified at time of analysis - the vendor was contacted prior to public disclosure but did not respond. As a primary compensating control, administrators should deploy a web application firewall (WAF) rule to sanitize or block script-bearing content in the query.redirect_url parameter on the sign-in endpoint; this may break legitimate redirect flows and should be tested against normal auth workflows before deployment. A second compensating control is to implement a server-side allowlist for redirect_url values, restricting accepted destinations to known internal paths - this is the most targeted mitigation with minimal side effects. Organizations should also configure Content Security Policy (CSP) headers to restrict inline script execution, reducing XSS impact even if the injection point is reached; note that CSP retrofits on existing React applications can cause breakage in dynamic components and require iterative testing. Monitor the Mage AI GitHub repository at https://github.com/mage-ai/mage-ai for a patched release addressing this component. The VulDB tracking entry is at https://vuldb.com/vuln/369016.

Share

EUVD-2026-34971 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy