Impact
In Yelp, the Content Security Policy implemented by yelp-xsl was found to be overly permissive. A malicious Flatpak application can use the OpenURI portal to open specially crafted help content. By embedding an untrusted CSS stylesheet inside a structured SVG document, the attacker can trick Yelp into evaluating local XML inclusions. As a result, Yelp downloads remote CSS resources that can reference local host files, allowing the attacker to read arbitrary files that are normally inaccessible to the application. This flaw can lead to the unauthorized disclosure of sensitive information present on the host system.
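The root cause named above is a policy that lets a document pull in stylesheets it should not. The following added example (not code from yelp-xsl or from this advisory) audits a Content-Security-Policy string for stylesheet sources that permit remote or inline CSS; the function names and the sample policies are constructed for illustration and are not the policy yelp-xsl ships.

```python
# Added example: flag CSP sources that let a document load untrusted CSS.
# Hypothetical helper names; sample policies are constructed, not yelp-xsl's.
NETWORK_SCHEMES = {"http:", "https:", "ws:", "wss:"}

def parse_csp(policy):
    """Return {directive: [sources]}; a repeated directive is ignored (first wins)."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

def style_findings(policy):
    """List (directive, source, reason) entries that allow untrusted stylesheets."""
    directives = parse_csp(policy)
    # Stylesheet loads are governed by the first of these that is present.
    for name in ("style-src-elem", "style-src", "default-src"):
        if name in directives:
            break
    else:
        return [("(missing)", "*", "no directive governs stylesheets")]
    findings = []
    for source in directives[name]:
        s = source.lower()
        if s == "*":
            reason = "any network origin may serve CSS"
        elif s in NETWORK_SCHEMES:
            reason = "every origin on this scheme may serve CSS"
        elif s == "'unsafe-inline'":
            # Ignored by browsers when a nonce or hash is also listed; not modelled.
            reason = "inline styles supplied by the document are applied"
        elif s.startswith("'") or s.endswith(":"):
            continue  # 'self', 'none', nonces, hashes, non-network schemes
        else:
            reason = "named remote host may serve CSS"
        findings.append((name, source, reason))
    return findings

if __name__ == "__main__":
    samples = {  # constructed policies
        "permissive": "default-src 'self'; style-src * 'unsafe-inline'",
        "fallback": "default-src https:",
        "restrictive": "default-src 'none'; style-src 'self'",
    }
    for label, policy in samples.items():
        print(label, style_findings(policy) or "no remote or inline CSS allowed")
```
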
Affected Systems
Red Hat Enterprise Linux distributions from version 6 through 10 are affected because they include the Yelp application. The flaw is present in all current releases listed in the CNA data: RHEL 6, RHEL 7, RHEL 8, RHEL 9, and RHEL 10.
Risk and Exploitability
The CVSS score of 7.1 indicates a high severity, and the lack of an EPSS value does not lessen the importance of the vulnerability. This issue is not yet tracked in the CISA KEV catalog, but the attack can occur in a local or remote context where a user can deploy a malicious Flatpak application. The attacker would need to supply the crafted SVG/CSS payload; once executed, Yelp’s improper CSP allows the sandbox to be bypassed and host files to be disclosed. Because the condition requires an attacker capable of running a Flatpak package, the exploitation probability is moderate to high in environments where Flatpak applications are trusted or unverified.