Description
DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options (`backgroundColor`, `fontFamily`, `textColor`) were not XML-escaped before interpolation into SVG output. This could allow Cross-Site Scripting (XSS) when applications pass untrusted input to `createAvatar()` and serve the resulting SVG inline or with `Content-Type: image/svg+xml`. Starting in versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, all affected SVG attribute values are properly escaped using XML entity encoding. Users should upgrade to the listed patched versions. Some mitigating factors limit vulnerability. Applications that validate input against the library's JSON Schema before passing it to `createAvatar()` are not affected. The DiceBear CLI validates input via AJV and was not vulnerable. Exploitation requires that an application passes untrusted, unvalidated external input directly as option values.
Published: 2026-03-24
Score: 4.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross-site scripting via unsanitized SVG attributes
Action: Patch
AI Analysis

Impact

DiceBear, an avatar generation library, handles several SVG attribute values such as backgroundColor, fontFamily, and textColor by interpolating user‑supplied values directly into the SVG markup without XML escaping. This omission permits attackers to inject crafted strings that resolve into executable JavaScript when the resulting SVG is served inline or with the proper Content‑Type header. The flaw is a classic cross‑site scripting vulnerability (CWE‑79) that can compromise data confidentiality, integrity, and availability of affected web applications.

Affected Systems

The vulnerability impacts the dicebear products @dicebear/core and @dicebear/initials. Any release from version 5.0.0 through the predecessor of 5.4.4, from 6.0.0 through the predecessor of 6.1.4, from 7.0.0 through 7.1.3, from 8.0.0 through 8.0.2, and from 9.0.0 through 9.4.0 is affected. Upgraded releases 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1 contain an XML‑escaping fix and are immune to the flaw.

Risk and Exploitability

The CVSS score of 4.7 indicates a moderate severity level. Because exploitation requires that an application pass untrusted input directly to createAvatar and expose the resulting SVG to clients, the attack is limited to scenarios where input validation is absent or inadequate. The vulnerability is not listed in the CISA KEV catalog and the EPSS score is unavailable, implying no widespread exploitation yet, but the potential impact warrants prompt remediation.

Generated by OpenCVE AI on March 24, 2026 at 20:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade @dicebear/core and @dicebear/initials to at least version 5.4.4, 6.1.4, 7.1.4, 8.0.3, or 9.4.1, or any newer patched release.
  • Validate all values passed to createAvatar against the DiceBear JSON schema or ensure XML escaping before use.
  • If an immediate upgrade is not possible, restrict untrusted external data from being forwarded to createAvatar to prevent XSS.

Generated by OpenCVE AI on March 24, 2026 at 20:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-mr9r-mww3-v6gv SVG Injection via Unsanitized Options in @dicebear/core and @dicebear/initials
History

Thu, 26 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Dicebear
Dicebear dicebear
CPEs cpe:2.3:a:dicebear:dicebear:*:*:*:*:*:*:*:*
Vendors & Products Dicebear
Dicebear dicebear

Tue, 24 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
Description DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options (`backgroundColor`, `fontFamily`, `textColor`) were not XML-escaped before interpolation into SVG output. This could allow Cross-Site Scripting (XSS) when applications pass untrusted input to `createAvatar()` and serve the resulting SVG inline or with `Content-Type: image/svg+xml`. Starting in versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, all affected SVG attribute values are properly escaped using XML entity encoding. Users should upgrade to the listed patched versions. Some mitigating factors limit vulnerability. Applications that validate input against the library's JSON Schema before passing it to `createAvatar()` are not affected. The DiceBear CLI validates input via AJV and was not vulnerable. Exploitation requires that an application passes untrusted, unvalidated external input directly as option values.
Title @dicebear/core and @dicebear/initials Vulnerable to SVG Injection via Unsanitized Options
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N'}

Subscriptions

Dicebear Dicebear
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-26T13:06:31.409Z

Reserved: 2026-03-18T21:23:36.676Z

Link: CVE-2026-33311

cve-icon Vulnrichment

Updated: 2026-03-26T13:06:27.509Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-24T14:16:30.290

Modified: 2026-03-24T19:19:30.667

Link: CVE-2026-33311

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:50:14Z

Weaknesses