Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseCVE-2025-46343
CVE-2025-46343:
JavaScript vulnerability analysis and mitigation
Overview
n8n is a workflow automation platform that was found to be vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint prior to version 1.90.0. The vulnerability was discovered on April 2, 2025, and was patched in version 1.90.0 released on April 21, 2025. The vulnerability affects all versions of n8n before 1.90.0 (GitHub Advisory, Wiz).
Technical details
The vulnerability exists because there was no restriction on the MIME type of uploaded files in n8n workflows, and the MIME type could be controlled via a GET parameter. This allowed the server to respond with any MIME type, potentially enabling malicious content to be interpreted and executed by the browser. The vulnerability has been assigned a CVSS v3.1 score of 5.0 (Medium) with vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N and is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation) (GitHub Advisory, NVD).
Impact
An authenticated attacker with member-level permissions could exploit this vulnerability by uploading a crafted HTML file containing malicious JavaScript. When another user visits the binary data endpoint with the MIME type set to text/html, the script executes in the context of the user's session. This script could send a request to change the user's email address in their account settings, effectively enabling account takeover (GitHub Advisory).
Mitigation and workarounds
The vulnerability has been fixed in n8n version 1.90.0 through two main changes: sandboxing HTML binary files in viewing mode and restricting what binary-data types can be viewed in the UI. Users should upgrade to version 1.90.0 or later to protect against this vulnerability (GitHub PR 14350, GitHub PR 14685).
Community reactions
The vulnerability was responsibly disclosed and patched through GitHub's security advisory process. The fix was implemented in two stages, with initial sandboxing implemented in PR #14350 and additional restrictions on viewable binary-data types in PR #14685. The changes were well-received by the community, as evidenced by the positive reactions to the release announcement (GitHub Release).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management