Skip to main content

Suna

1 CVEs product

Monthly

CVE-2026-12811 LOW POC PATCH Monitor

Reflected cross-site scripting in Suna's authentication endpoint allows remote attackers to execute arbitrary JavaScript in a victim's browser by manipulating the returnURL parameter passed to Next.js router.replace/router.push. All Suna releases from 0.8.0 through 0.8.38 are affected; the flaw spans every auth action (signIn, signUp, resetPassword, signInWithPassword, signUpWithPassword, sendOtpCode, resendMagicLink, installOwner) because none sanitized the returnUrl form field before use. A public proof-of-concept exploit exists (GitHub Gist by TrebledJ); no public exploitation confirmed and the vulnerability is not listed in CISA KEV.

XSS Suna
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Reflected cross-site scripting in Suna's authentication endpoint allows remote attackers to execute arbitrary JavaScript in a victim's browser by manipulating the returnURL parameter passed to Next.js router.replace/router.push. All Suna releases from 0.8.0 through 0.8.38 are affected; the flaw spans every auth action (signIn, signUp, resetPassword, signInWithPassword, signUpWithPassword, sendOtpCode, resendMagicLink, installOwner) because none sanitized the returnUrl form field before use. A public proof-of-concept exploit exists (GitHub Gist by TrebledJ); no public exploitation confirmed and the vulnerability is not listed in CISA KEV.

XSS Suna
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy