{"data":{"id":"d850b6eb-974c-4e2c-afb7-ab1417ee082a","title":"GHSA-537j-gqpc-p7fq: n8n Vulnerable to XSS via MCP OAuth client","summary":"n8n (a workflow automation tool) has a vulnerability where an attacker could inject malicious code through an attacker-controlled OAuth client name, causing it to run in a victim's browser when the victim revokes that client's access. This XSS (cross-site scripting, injecting malicious code into a webpage) attack could let attackers steal login credentials, take over sessions, or modify workflows.","solution":"This issue has been fixed in n8n version 2.14.2. Users should upgrade to this version or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should restrict access to the n8n instance and the MCP OAuth registration endpoint to trusted users only, or disable MCP server functionality if it is not actively required. However, the advisory notes that these workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-537j-gqpc-p7fq","publishedAt":"2026-04-29T21:23:04.000Z","cveId":"CVE-2026-42235","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":["n8n@>= 2.17.0, < 2.17.4 (fixed: 2.17.4)","n8n@>= 2.18.0, < 2.18.1 (fixed: 2.18.1)","n8n@< 1.123.32 (fixed: 1.123.32)"],"affectedVendors":[],"affectedVendorsRaw":["n8n"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-29T21:23:04.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0051"]}}