VYPR
Medium severity · 4.3 · NVD Advisory · Published Jun 6, 2026

CVE-2026-11436

Description

Mage AI up to 0.9.79 is vulnerable to DOM XSS in its sign-in flow via the redirect_url parameter, allowing attackers to execute arbitrary JavaScript.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the Mage AI application's sign-in functionality, specifically within the useMutation hook of the SignForm component located in mage_ai/frontend/components/Sessions/SignForm/index.tsx. The application trusts the redirect_url parameter taken from the page's URL and embeds it in a redirection URL without validation or sanitization. This vulnerability affects Mage AI versions up to 0.9.79 [1].

Exploitation

An attacker can craft a malicious link containing a JavaScript payload in the redirect_url parameter. When a user clicks this link, the application will attempt to redirect the browser to the malicious URL, executing the attacker's script in the context of the user's browser. For authenticated users, the XSS payload triggers automatically upon opening the link. For unauthenticated users, it triggers upon successful login or registration [1]. Remote exploitation is possible.

Impact

Successful exploitation of this vulnerability can lead to arbitrary JavaScript execution in the victim's browser. This could result in session hijacking, credential theft, or the execution of unauthorized actions on behalf of the victim, depending on the privileges of the compromised user account [1].

Mitigation

Mage AI versions up to 0.9.79 are affected. The vendor was contacted early regarding this disclosure but did not respond. The exploit is publicly available and may be in use. No patched version or specific mitigation details are available in the provided references [1].

AI Insight generated on Jun 6, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0 (no patches discovered yet)

Vulnerability mechanics

Root cause

"The application directly embeds a user-supplied redirect_url parameter into a redirection URL without proper validation or sanitization."

Attack vector

An attacker crafts a malicious URL containing a javascript: URI in the redirect_url parameter, such as `https://<victim-mage-instance>/sign-in?redirect_url=javascript:alert(document.cookie)`. When a victim clicks this link, the application redirects the browser to this malicious URI after a successful sign-in or registration, executing the attacker's script in the victim's browser context [1]. This can lead to session hijacking or credential theft.

Affected code

The vulnerability resides in the SignForm component, specifically within the onSuccess callback of the useMutation hook in the file mage_ai/frontend/components/Sessions/SignForm/index.tsx. The code directly uses the query.redirect_url value from the browser's URL to construct the redirection URL, which is then assigned to window.location.href [1].

What the fix does

The advisory recommends validating the redirect_url parameter to ensure it stays within the same origin and uses a safe scheme like http or https. A function `isValidRedirectPath` is proposed to parse the URL and check its origin and protocol. If the redirect_url is valid, it is used; otherwise, a safe default path like '/' is used. This prevents the execution of malicious schemes like javascript: [1]. The advisory notes that router.push should not be relied upon for sanitization, emphasizing the need for explicit validation.
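The validator described above, written here as an added illustration rather than Mage AI's own fix: it resolves the candidate against the application origin with the WHATWG `URL` parser, accepts only http(s) URLs on that exact origin, and otherwise falls back to '/'. The function names, the `origin` parameter (the page would use `window.location.origin`) and the `unknown` input type (Next.js router query values can be `string | string[] | undefined`) are assumptions of this example.

```typescript
// Added example, not Mage AI's code. Same-origin redirect validation of the
// kind the advisory proposes for the SignForm onSuccess callback.

/** True only if `candidate` resolves to an http(s) URL on `origin`. */
function isValidRedirectPath(candidate: unknown, origin: string): boolean {
  // Reject non-strings (e.g. repeated query keys arrive as string[]) and empties.
  if (typeof candidate !== "string" || candidate.length === 0) return false;

  let parsed: URL;
  try {
    // Relative paths ("/pipelines") resolve against the app origin; absolute
    // inputs ("javascript:...", "https://evil.example", "//evil.example")
    // keep their own scheme and host, which the checks below then reject.
    parsed = new URL(candidate, origin);
  } catch {
    return false; // unparsable input is never a valid redirect
  }

  // Scheme allowlist: blocks javascript:, data:, vbscript:, blob:, etc.
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") return false;

  // Exact origin match (scheme + host + port) blocks open redirects.
  return parsed.origin === new URL(origin).origin;
}

/**
 * Target to hand to window.location.href / router.push after login.
 * Returns a path-only string (origin stripped) or the safe default "/".
 */
function safeRedirectTarget(candidate: unknown, origin: string): string {
  if (!isValidRedirectPath(candidate, origin)) return "/";
  const u = new URL(candidate as string, origin);
  return u.pathname + u.search + u.hash;
}

// Intended use inside onSuccess (assumed shape of the component code):
//   window.location.href = safeRedirectTarget(query.redirect_url, window.location.origin);
```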

Preconditions

  • Input: The attacker must control the `redirect_url` parameter.
  • Network: The attacker must be able to send a crafted URL to the victim.
  • Input: The crafted URL must use a scheme like `javascript:` for the `redirect_url` parameter.

Reproduction

An attacker can exploit this by tricking a user into clicking a specially crafted link to the Mage AI login page.

Attacker Action: The attacker crafts a malicious URL: `https://<victim-mage-instance>/sign-in?redirect_url=javascript:alert(document.cookie)`

Victim Action: The victim clicks the link.

Triggering the Vulnerability: When the link is opened by authenticated users (those who have already logged in), the XSS payload triggers automatically. For unauthenticated users, the victim sees the normal sign-in form; after they enter their credentials and successfully log in or register, the onSuccess callback is triggered. The code reads the original malicious redirect_url from the page's URL (which is still present) and performs the redirect to the javascript: URI, executing the attacker's script.

Result: The alert(document.cookie) executes, demonstrating JavaScript execution and session token exposure [1].

Generated on Jun 6, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 5

News mentions: 0 (no linked articles in our index yet)