{"data":{"id":"92a02067-5904-4039-b9bf-74d25a3c5b48","title":"GHSA-3c7f-5hgj-h279: n8n has XSS in Chat Trigger Node through Custom CSS","summary":"n8n versions before 1.123.27, 2.13.3, and 2.14.1 have a stored XSS (cross-site scripting, where attackers inject malicious code that runs when others visit a page) vulnerability in the Chat Trigger node's Custom CSS field. An authenticated user could bypass the sanitize-html library (a tool meant to remove dangerous code) and inject malicious JavaScript that would affect anyone visiting the public chat page.","solution":"Upgrade to n8n version 1.123.27, 2.13.3, 2.14.1, or later. If upgrading is not immediately possible, temporarily: (1) restrict workflow creation and editing permissions to trusted users only, or (2) disable the Chat Trigger node by adding `@n8n/n8n-nodes-langchain.chatTrigger` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully fix the risk and should only be used as short-term measures.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-3c7f-5hgj-h279","publishedAt":"2026-03-27T18:06:49.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["jailbreak"],"issueType":"vulnerability","affectedPackages":["n8n@>= 2.0.0-rc.0, < 2.13.3 (fixed: 2.13.3)","n8n@= 2.14.0 (fixed: 2..14.1)","n8n@< 1.123.27 (fixed: 1.123.27)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["n8n","LangChain"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-03-27T18:06:49.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","safety"],"aiComponentTargeted":"plugin","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}