CVE-2026-45343: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Kovah LinkAce
LinkAce versions prior to 2. 5. 6 contain a stored cross-site scripting (XSS) vulnerability affecting instances using SSO/OAuth authentication. A low-privilege user can inject malicious JavaScript by setting their OAuth display name and creating an API token, which plants a persistent XSS payload in the audit log. When an administrator views the audit log page, the payload executes in their browser, potentially exposing session cookies and CSRF tokens. This vulnerability is fixed in version 2. 5. 6.
AI Analysis
Technical Summary
CVE-2026-45343 is a stored cross-site scripting vulnerability in Kovah's LinkAce before version 2.5.6. It arises from improper neutralization of input during web page generation (CWE-79). Specifically, an attacker with low privileges can set their OAuth display name to a malicious script and create an API token, which stores the payload in the audit log. When an administrator accesses the /system/audit page, the malicious script executes in their browser context, enabling theft of session cookies, CSRF tokens, or other actions available to the admin. The vulnerability affects instances configured with SSO/OAuth authentication and is addressed in LinkAce 2.5.6.
Potential Impact
Successful exploitation allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This can lead to session cookie theft and CSRF token exfiltration, potentially enabling unauthorized actions with administrator privileges. The vulnerability compromises the confidentiality and integrity of the administrator's session.
Mitigation Recommendations
This vulnerability is fixed in LinkAce version 2.5.6. Users should upgrade to version 2.5.6 or later to remediate this issue. Since this is a self-hosted product, administrators must apply the update manually. Patch status is not explicitly stated in the vendor advisory, but the description confirms the fix is included in 2.5.6.
CVE-2026-45343: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Kovah LinkAce
Description
LinkAce versions prior to 2. 5. 6 contain a stored cross-site scripting (XSS) vulnerability affecting instances using SSO/OAuth authentication. A low-privilege user can inject malicious JavaScript by setting their OAuth display name and creating an API token, which plants a persistent XSS payload in the audit log. When an administrator views the audit log page, the payload executes in their browser, potentially exposing session cookies and CSRF tokens. This vulnerability is fixed in version 2. 5. 6.
CVSS v4.0
Score 8.5high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-45343 is a stored cross-site scripting vulnerability in Kovah's LinkAce before version 2.5.6. It arises from improper neutralization of input during web page generation (CWE-79). Specifically, an attacker with low privileges can set their OAuth display name to a malicious script and create an API token, which stores the payload in the audit log. When an administrator accesses the /system/audit page, the malicious script executes in their browser context, enabling theft of session cookies, CSRF tokens, or other actions available to the admin. The vulnerability affects instances configured with SSO/OAuth authentication and is addressed in LinkAce 2.5.6.
Potential Impact
Successful exploitation allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This can lead to session cookie theft and CSRF token exfiltration, potentially enabling unauthorized actions with administrator privileges. The vulnerability compromises the confidentiality and integrity of the administrator's session.
Mitigation Recommendations
This vulnerability is fixed in LinkAce version 2.5.6. Users should upgrade to version 2.5.6 or later to remediate this issue. Since this is a self-hosted product, administrators must apply the update manually. Patch status is not explicitly stated in the vendor advisory, but the description confirms the fix is included in 2.5.6.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-11T21:40:08.177Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a18b4aee29bf47b5032f460
Added to database: 5/28/2026, 9:33:34 PM
Last enriched: 5/28/2026, 9:48:34 PM
Last updated: 5/28/2026, 10:39:40 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.