Description
Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0.
Published: 2026-02-11
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting
Action: Patch
AI Analysis

Impact

The vulnerability is a client‑side DOM XSS flaw in the Dify web chat application that occurs when echarts components are used to render charts. Because the frontend does not properly sanitize or encode user‑or‑LLM‑generated inputs that feed into echarts, an attacker can embed malicious JavaScript payloads that are executed in the browser when the chart is rendered. This flaw is identified as CWE‑79.

Affected Systems

Affected systems are versions of the Dify open‑source LLM application produced by langgenius before release 1.13.0. The flaw resides in the chat frontend code that processes dynamic input. Users running Dify distributions older than 1.13.0 should be aware that any chat interface making use of echarts for graph rendering is vulnerable.

Risk and Exploitability

The severity score for this issue is 5.3 on the CVSS v3.1 scale, indicating moderate impact. The probability of exploitation, as suggested by an EPSS score of less than 1%, is very low, and the vulnerability has not been reported as a known exploited vulnerability in the CISA KEV catalog. Exploitation requires an attacker to supply crafted input to the chat interface, typically by influencing a user or LLM to produce code that will be rendered by echarts; the attack vector is client‑side and relies on user interaction.

Generated by OpenCVE AI on April 17, 2026 at 20:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Dify to version 1.13.0 or newer, which removes the vulnerable echarts handling.
  • If upgrading is delayed, disable echarts usage in the chat frontend or remove chart rendering until the patch is applied.
  • Apply additional client‑side defenses such as a Content Security Policy that blocks inline scripts and restricts script sources, and ensure that any user or LLM input is escaped or sanitized before being passed to echarts.

Generated by OpenCVE AI on April 17, 2026 at 20:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 13 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Dify
Dify dify
CPEs cpe:2.3:a:dify:dify:*:*:*:*:*:*:*:*
Vendors & Products Dify
Dify dify
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

Thu, 12 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Langgenius
Langgenius dify
Vendors & Products Langgenius
Langgenius dify

Wed, 11 Feb 2026 21:30:00 +0000

Type Values Removed Values Added
Description Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is fixed in 1.13.0.
Title Client‑side DOM XSS in the web chat app of Dify when using echarts
Weaknesses CWE-79
References
Metrics cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}

Subscriptions

Dify Dify
Langgenius Dify
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-12T21:16:35.748Z

Reserved: 2026-02-09T21:36:29.555Z

Link: CVE-2026-26023

cve-icon Vulnrichment

Updated: 2026-02-12T21:16:32.099Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-11T22:15:52.233

Modified: 2026-02-13T15:04:10.663

Link: CVE-2026-26023

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T20:15:27Z

Weaknesses