CVE-2026-22033: Label Studio is vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field
A persistent stored cross-site scripting (XSS) vulnerability exists in the custom_hotkeys functionality of the application. An authenticated attacker (or one who can trick a user/administrator into updating their custom_hotkeys) can inject JavaScript code that executes in other users’ browsers when those users load any page using the templates/base.html template. Because the application exposes an API token endpoint (/api/current-user/token) to the browser and lacks robust CSRF protection on some API endpoints, the injected script may fetch the victim’s API token or call token reset endpoints — enabling full account takeover and unauthorized API access. This vulnerability is of critical severity due to the broad impact, minimal requirements for exploitation (authenticated user), and the ability to escalate privileges to full account compromise.
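As an added illustration, not Label Studio's own code and not the fix in the referenced commit, the output-encoding pattern that keeps a user-controlled JSON field such as custom_hotkeys from breaking out of a script block when a template embeds it: serialize it with the HTML-significant characters written as JSON \u escapes, the same approach Django's json_script filter takes. The template snippet, the window.HOTKEYS name and the sample profile are constructed for the demonstration.

```python
import json

# Characters that let raw JSON escape a <script> element or an attribute
# when pasted into a template. Writing them as JSON \uXXXX sequences keeps
# the value a valid JSON document while making it inert as HTML.
_HTML_UNSAFE = {
    "<": "\\u003c",
    ">": "\\u003e",
    "&": "\\u0026",
    "\u2028": "\\u2028",  # line/paragraph separators terminate JS literals
    "\u2029": "\\u2029",
}


def json_for_script(value) -> str:
    """Serialize `value` so it can be embedded inside a <script> element."""
    text = json.dumps(value, ensure_ascii=False)
    for ch, esc in _HTML_UNSAFE.items():
        text = text.replace(ch, esc)
    return text


def render_unsafe(hotkeys: dict) -> str:
    """Constructed stand-in for a template that drops raw JSON into the page."""
    return "<script>window.HOTKEYS = %s;</script>" % json.dumps(hotkeys)


def render_safe(hotkeys: dict) -> str:
    """Same template, with the value escaped for the script context."""
    return "<script>window.HOTKEYS = %s;</script>" % json_for_script(hotkeys)


def script_blocks(html: str) -> int:
    """Count opening <script tags; a stored value must never add one."""
    return html.lower().count("<script")


def round_trips(value) -> bool:
    """Escaping must not change what the browser's JSON parser reads back."""
    return json.loads(json_for_script(value)) == value


# Constructed sample: a hotkeys profile whose value closes the script block.
SAMPLE_HOTKEYS = {
    "submit": "ctrl+enter",
    "next": "</script><script>/* injected */</script>",
}
```

Run against the sample, the unsafe renderer emits a second script element while the safe renderer keeps exactly one and the data still round-trips through a JSON parser.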
References
- github.com/HumanSignal/label-studio
- github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505
- github.com/HumanSignal/label-studio/pull/9084
- github.com/HumanSignal/label-studio/releases/tag/nightly
- github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch
- github.com/advisories/GHSA-2mq9-hm29-8qch
- nvd.nist.gov/vuln/detail/CVE-2026-22033