| Field | Value |
|---|---|
| Title | Teable < release.2026-04-21T08-57-20Z.1513 DOM-Based XSS, Open Redirect |
| Description | A reflected Cross-Site Scripting (XSS) vulnerability has been discovered in Teable's sign-up/in functionality before version "release.2026-04-21T08-57-20Z.1513". The application improperly trusts a URL parameter (redirect) during the sign-in flow. An attacker can craft a malicious link that, when clicked and signed in by a user, performs a client-side redirect and executes arbitrary JavaScript in the context of their browser. This could lead to session hijacking, credential theft, or unauthorized actions performed on behalf of the victim. |
| Source | ⚠️ https://gist.github.com/TrebledJ/98575dc5aecb47433f02ff942e6aedf1 |
| User | trebledj (UID 94356) |
| Submitted | 2026. 04. 29. 07:12 PM (1 month ago) |
| Moderation | 2026. 05. 26. 12:48 PM (27 days later) |
| Status | Accepted |
| VulDB entry | 365628 [teableio teable up to 1.9.x Sign-up LoginPage.tsx redirect cross site scripting] |
| Points | 20 |

Note to moderator: The issue was fixed without notifying the wider user base via a security disclosure. It is reasonable that users self-hosting the product are unaware of the vulnerability. Previously, the project appears to have used semantic versioning, with the latest semantic version being 1.10.0; however, it appears the vendor has shifted to datetime-based versioning (e.g. release.2026-04-21T08-57-20Z.1513). I have attempted to reach out to the vendor regarding a GitHub security advisory, but they have not responded and have marked the ticket in my email thread as closed.

- CVD: https://gist.github.com/TrebledJ/98575dc5aecb47433f02ff942e6aedf1
- Original PR: https://github.com/teableio/teable/pull/2827
- Note: the PR was closed, but the fix was merged in another commit. I'm not sure why. Possibly a
- Actual commit which was merged: https://github.com/teableio/teable/commit/778111de6bcee0a873ba7d91685edc57bf1cdbae#diff-8b5ff6f759ba6de35f3ccf9108151a62d29d967ace491d808587a50ead55644e
- Vendor: https://github.com/teableio
- Product: https://github.com/teableio/teable
- Changelog indicating fix on Apr. 23, 2026: https://help.teable.ai/en/changelog#sharing-and-permission-fixes-5:~:text=Fixed%20a%20reflected%20XSS%20vulnerability%20in%20auth%20pages
- Changelog (backup link): https://web.archive.org/web/20260427172549/https://help.teable.ai/en/changelog
- Go to Apr. 23, 2026, under "3. Duplicate & Delete Tables", click on "Sharing & Permission Fixes (5)", observe "Fixed a reflected XSS vulnerability".
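The root cause described above is a login page that trusts a `redirect` query parameter and hands it to a client-side navigation, so a `javascript:` value or a cross-origin URL is followed after sign-in. The following is an added example of the defensive check a login page should apply to such a parameter; it is not Teable's code or the project's actual fix, and `APP_ORIGIN` and `safeRedirectTarget` are names assumed here for illustration. It only ever returns a same-origin rooted path (or a fallback), and it also handles the normalisation edge cases (tab characters, `/..//host`) that a naive "starts with a slash" check misses.

```javascript
// Added example, not Teable's code: validate a post-login "redirect" parameter
// so that only same-origin paths are ever navigated to.
// Assumptions (hypothetical): the application's origin is known as APP_ORIGIN
// and the only legitimate post-login destinations are paths on that origin.

const APP_ORIGIN = "https://app.example.test"; // hypothetical application origin

/**
 * Returns a safe same-origin path (path + query + fragment) for `raw`, or
 * `fallback` for anything else: absolute URLs, other origins, javascript:/data:
 * schemes, protocol-relative ("//host"), backslash and whitespace variants.
 */
function safeRedirectTarget(raw, fallback = "/") {
  if (typeof raw !== "string" || raw.length === 0) return fallback;

  // First gate: must be a single-slash rooted path. This rejects "//host",
  // "/\host", "javascript:alert(1)", "https://host/" and the like outright.
  if (!/^\/(?![/\\])/.test(raw)) return fallback;

  // Second gate: resolve against our origin with the WHATWG URL parser.
  // The parser strips tabs/newlines, so "/\t/host" becomes "//host" and
  // resolves to a foreign origin, which the origin comparison then catches.
  let parsed;
  try {
    parsed = new URL(raw, APP_ORIGIN);
  } catch {
    return fallback;
  }
  if (parsed.origin !== APP_ORIGIN) return fallback;

  // Third gate: dot-segment normalisation can yield a pathname such as
  // "//host" (from "/..//host"); a browser would treat that as
  // protocol-relative if it were passed back to location.assign().
  if (parsed.pathname.startsWith("//")) return fallback;

  // Return only the path portion, never the origin, so callers cannot
  // accidentally construct a cross-origin URL from the result.
  return parsed.pathname + parsed.search + parsed.hash;
}

// Constructed sample inputs, each paired with the expected outcome.
const SAMPLE_REDIRECTS = [
  "/base/123",                     // allowed as-is
  "/base/123?view=grid#top",       // allowed, query and fragment kept
  "//evil.example/",               // protocol-relative: rejected
  "/\\evil.example",               // backslash variant: rejected
  "javascript:alert(1)",           // script scheme: rejected
  "https://evil.example/",         // absolute foreign URL: rejected
  "/\t/evil.example",              // tab-smuggled protocol-relative: rejected
  "/..//evil.example",             // normalises to "//evil.example": rejected
];

// Runs every sample through the validator and returns the decisions.
function classifyRedirects() {
  return SAMPLE_REDIRECTS.map((input) => ({
    input,
    target: safeRedirectTarget(input),
  }));
}

for (const { input, target } of classifyRedirects()) {
  console.log(JSON.stringify(input), "->", target);
}
```

On the client the page would call `window.location.assign(safeRedirectTarget(params.get("redirect")))` instead of using the raw parameter; the same function is suitable on the server before emitting a `Location` header, since it never returns anything but a rooted same-origin path.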