Low severity3.5NVD Advisory· Published Apr 20, 2026· Updated Apr 29, 2026

CVE-2026-6619

Description

A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePreview. The manipulation of the argument filename leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Dify up to 1.13.3 has a DOM-based XSS in the ImagePreview component via an unsanitized filename in document.write().

A DOM-based Cross-Site Scripting (XSS) vulnerability in Dify's ImagePreview component (file web/app/components/base/image-uploader/image-preview.tsx) is triggered when a user opens a Base64 image in a new tab. The openInNewTab function constructs an ` element using document.write()` with the title parameter directly interpolated into the HTML without sanitization. The title is derived from the filename, which an attacker can control by uploading a file with a malicious name [1].

An attacker can exploit this by crafting a filename containing a quote and script payload, such as ">. When the victim clicks "Open in New Tab" on that uploaded image, the injected script executes in the context of the new window. No authentication is required to upload a file in typical workflows, making this remotely exploitable by any user who can upload content [1].

The impact is execution of arbitrary JavaScript within the victim's browser under the Dify origin, potentially allowing data theft, session hijacking, or further actions within the logged-in session. While the CVSS score is low (3.5) due to conditions like user interaction (clicking a button), the public disclosure of a working proof of concept increases risk [1].

The vendor was notified early but did not respond. As of version 1.13.3, no patch has been released. Users should manually sanitize the filename input or avoid using the "Open in New Tab" feature for Base64 images until a fix is available [1]. Dify has not issued any advisory or update.

References

DOM-based XSS in ImagePreview Component via Unsanitized Filename

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Langgenius/Difyllm-fuzzy
Range: <=1.13.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

Severity

LowCVSS v3.1

3.5/ 10

CVSS v42.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack vector: Network
Complexity: Low
Privileges: Low
User interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS

Probability of exploitation in the next 30 days.

0.03%

VYPR risk score

Composite of severity, exploitation, and reach.

0.23low

cvss	0.227
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

Weaknesses

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-94
Improper Control of Generation of Code ('Code Injection')

CVE ID

CVE-2026-6619

Credits

E(
Eric-g (VulDB User)
reporter
VC
VulDB CNA Team
coordinator