CVE-2026-33510: CWE-87: Improper Neutralization of Alternate XSS Syntax in homarr-labs homarr
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in homarr versions prior to 1. 57. 0 on the /auth/login page. The vulnerability arises from improper handling of the callbackUrl parameter, which is used in client-side redirects without proper neutralization. An attacker can craft a malicious URL that, when visited by an authenticated user, executes arbitrary JavaScript in the user's browser context. This can lead to credential theft, unauthorized actions, and potential internal network pivoting. The issue is fixed in version 1. 57. 0.
AI Analysis
Technical Summary
Homarr, an open-source dashboard application, suffers from a DOM-based XSS vulnerability (CWE-87) in versions before 1.57.0. The vulnerability is due to improper neutralization of the callbackUrl URL parameter on the /auth/login page, which is passed directly to redirect and router.push functions. This allows an attacker to execute arbitrary JavaScript in the victim's browser when the crafted URL is opened by an authenticated user. The vulnerability has a CVSS 3.1 score of 8.8, indicating high severity. The vulnerability is fixed in homarr version 1.57.0.
Potential Impact
Successful exploitation allows execution of arbitrary JavaScript in the context of an authenticated user's browser session. This can lead to credential theft, unauthorized actions performed on behalf of the user, and potential pivoting within internal networks. The vulnerability affects confidentiality, integrity, and availability as indicated by the CVSS vector (C:H/I:L/A:L). No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade homarr to version 1.57.0 or later, where this vulnerability is fixed. Since the vulnerability is resolved in the official release, applying this update fully mitigates the risk. No additional vendor advisory or patch links are provided, but the version upgrade is the confirmed remediation.
CVE-2026-33510: CWE-87: Improper Neutralization of Alternate XSS Syntax in homarr-labs homarr
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in homarr versions prior to 1. 57. 0 on the /auth/login page. The vulnerability arises from improper handling of the callbackUrl parameter, which is used in client-side redirects without proper neutralization. An attacker can craft a malicious URL that, when visited by an authenticated user, executes arbitrary JavaScript in the user's browser context. This can lead to credential theft, unauthorized actions, and potential internal network pivoting. The issue is fixed in version 1. 57. 0.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Homarr, an open-source dashboard application, suffers from a DOM-based XSS vulnerability (CWE-87) in versions before 1.57.0. The vulnerability is due to improper neutralization of the callbackUrl URL parameter on the /auth/login page, which is passed directly to redirect and router.push functions. This allows an attacker to execute arbitrary JavaScript in the victim's browser when the crafted URL is opened by an authenticated user. The vulnerability has a CVSS 3.1 score of 8.8, indicating high severity. The vulnerability is fixed in homarr version 1.57.0.
Potential Impact
Successful exploitation allows execution of arbitrary JavaScript in the context of an authenticated user's browser session. This can lead to credential theft, unauthorized actions performed on behalf of the user, and potential pivoting within internal networks. The vulnerability affects confidentiality, integrity, and availability as indicated by the CVSS vector (C:H/I:L/A:L). No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade homarr to version 1.57.0 or later, where this vulnerability is fixed. Since the vulnerability is resolved in the official release, applying this update fully mitigates the risk. No additional vendor advisory or patch links are provided, but the version upgrade is the confirmed remediation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-20T16:59:08.889Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69d3ce180a160ebd92c09cd4
Added to database: 4/6/2026, 3:15:36 PM
Last enriched: 4/6/2026, 3:30:33 PM
Last updated: 4/6/2026, 10:46:41 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.