CVE-2026-55650
Outerbase Studio: Stored XSS in Text Widget Leads to Authentication Token Exposure
描述
## Summary A Stored Cross-Site Scripting (XSS) issue previously existed in the Text Widget in Board of Outerbase Studio where unsanitized HTML could be rendered using `dangerouslySetInnerHTML` ### Steps to Reproduce 1. Create a new dashboard. 2. Add a **Text widget**. 3. Insert the following payload: ```html <img src=x onerror="alert('XSS Executed\nToken: ' + localStorage.getItem('ob-token'))"> ``` ### Architectural Context Outerbase Cloud and its backend services were discontinued in 2025. The current version of Outerbase Studio operates purely as a client-side application, with dashboard data stored locally in the browser. ### Impact In the current architecture, the impact is limited to local self-XSS within a user's browser session. The previously described scenarios involving: - authentication token theft - account takeover - database access are no longer applicable since there are no active backend services or authentication tokens. ### Remediation The unsafe HTML rendering in the Text Widget has been removed in commit https://github.com/outerbase/studio/commit/b06fb85e5967440278d5a815721b360920566ab9 by eliminating the use of dangerouslySetInnerHTML.
如何修補 CVE-2026-55650
目前尚未發布修補版本。可考慮移除受影響套件,或參考下方連結中的上游建議。
- —未列出修補版本
CVE-2026-55650 正在被利用嗎?
目前沒有被利用訊號。CVE-2026-55650 既不在 CISA KEV 也沒有最新的 EPSS 分數。
受影響套件(1)
- from 0, <= 0.10.2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.4 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |