CVE-2026-6106
Description
A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/static_headers_middleware.py of the component Public Chat Interface. Manipulation of the argument Name results in cross-site scripting. The attack may be launched remotely. The exploit is now public and may be used. Upgrading to version 2.8.0 resolves this issue. The patch is identified as 026a2d623e2aa5efa67c4834651e79d5d7cab1da. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
MaxKB up to v2.2.1 has a stored XSS vulnerability in the public chat interface: an attacker-controlled application name is injected into the served HTML without escaping.
Vulnerability
Overview
CVE-2026-6106 is a stored cross-site scripting (XSS) vulnerability affecting MaxKB, an open-source enterprise agent platform, up to version 2.2.1. The flaw resides in the StaticHeadersMiddleware component, in the file apps/common/middleware/static_headers_middleware.py. When serving the public chat interface (/ui/chat/{access_token}), the middleware performs a plain string replacement to inject application data (such as the application name) directly into the HTML response. The name is accepted and stored as-is by apps/application/serializers/application_serializers.py, so there is no escaping on input, and the middleware applies none on output either; the missing output encoding at the point where the value is written into the markup is what makes the stored value executable [1].
Exploitation
An authenticated attacker can exploit this by sending a POST request to /api/application/ with a malicious payload (HTML containing script) in the name field. When any user, including unauthenticated visitors, accesses the public chat URL for that application, the server's middleware inserts the stored payload directly into the HTML response. The victim's browser renders the page and executes the injected script [1]. The attack is remotely exploitable and requires no privilege beyond an account able to create an application.
Impact
Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of any user visiting the public chat interface. This can lead to session hijacking, data theft, defacement, or other actions possible within the victim's browser session. The CVSS v3 base score is 3.5 (Low), reflecting the requirement for authentication to create the malicious application, but the impact is amplified by the public nature of the chat interface, which can be accessed by any user with the access token [1].
Mitigation
The vendor was contacted and quickly released a fix in version 2.8.0 [2]. The patch, identified by commit 026a2d623e2aa5efa67c4834651e79d5d7cab1da, introduces proper HTML escaping in the middleware using html.escape() [4]. Users are strongly recommended to upgrade to MaxKB v2.8.0 or later to remediate this vulnerability [2].
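The following is an added example, not MaxKB's code and not taken from the patch, that reproduces the two behaviours described above (unescaped string replacement into an HTML response versus the same replacement after html.escape()) for a request to a /ui/chat/{access_token} path. The template text, the placeholder string {{ app_name }}, the token-to-application mapping and the payload are all constructed for illustration and are assumptions; only the route shape, the "replace a value into the HTML" mechanism and the html.escape() remedy come from the advisory.

```python
"""Constructed model of CVE-2026-6106: name injected into served HTML.

Not MaxKB's middleware. Template, placeholder, tokens and payload are
constructed stand-ins for illustration.
"""
import html
import re

# Constructed HTML page standing in for the SPA entry page the public chat
# route serves. The placeholder name is an assumption.
INDEX_HTML = """<!DOCTYPE html>
<html><head>
<meta charset="utf-8">
<title>{{ app_name }}</title>
</head><body><div id="app"></div></body></html>"""

# Constructed attacker-controlled application name: closes the title element,
# then supplies a script element. Any name containing markup would do.
PAYLOAD_NAME = '</title><script>alert(document.cookie)</script><title>'

# Constructed "database" of applications keyed by their public access token.
APPS_BY_TOKEN = {
    "tok_attacker": {"name": PAYLOAD_NAME},
    "tok_benign": {"name": "Support & Sales Bot"},
}

CHAT_PATH_RE = re.compile(r"^/ui/chat/(?P<token>[A-Za-z0-9_-]+)/?$")
SCRIPT_TAG_RE = re.compile(r"<script\b", re.IGNORECASE)


def render_vulnerable(template: str, app_name: str) -> str:
    """Pre-fix behaviour: the stored name lands in the markup unchanged."""
    return template.replace("{{ app_name }}", app_name)


def render_fixed(template: str, app_name: str) -> str:
    """Post-fix behaviour: escape for an HTML text/attribute context first.

    html.escape(quote=True) rewrites < > & " ' so the value can no longer
    close the surrounding element or open a new one.
    """
    return template.replace("{{ app_name }}", html.escape(app_name, quote=True))


def serve_chat_page(path: str, body: str, escape_name: bool) -> str:
    """Model of a response-rewriting middleware for the public chat route.

    Only /ui/chat/{access_token} responses are rewritten; anything else is
    returned untouched. escape_name selects the vulnerable or fixed path.
    """
    match = CHAT_PATH_RE.match(path)
    if match is None:
        return body
    app = APPS_BY_TOKEN.get(match.group("token"))
    if app is None:
        return body
    render = render_fixed if escape_name else render_vulnerable
    return render(body, app["name"])


def contains_script_element(document: str) -> bool:
    """Coarse check: did a <script ...> start tag reach the output?"""
    return SCRIPT_TAG_RE.search(document) is not None


if __name__ == "__main__":
    for escape in (False, True):
        page = serve_chat_page("/ui/chat/tok_attacker", INDEX_HTML, escape)
        print("escape=%s script_present=%s" % (escape, contains_script_element(page)))
```

html.escape() is the right tool only because the value is written into an HTML text context (here, the title). If the same middleware ever writes application data into an inline script block or a URL, escaping for those contexts is different (JSON-encode with non-ASCII and "</" escaped, or URL-encode), and html.escape() alone would not be sufficient.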
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- 1Panel-dev MaxKB, range: <=2.2.1