Description
Kestra is an open-source, event-driven orchestration platform Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields — description, inputs[].displayName, inputs[].description — through the Markdown.vue component instantiated with html: true. The resulting HTML is injected into the DOM via Vue's v-html without any sanitization. This allows a flow author to embed arbitrary JavaScript that executes in the browser of any user who views or interacts with the flow. This is distinct from GHSA-r36c-83hm-pc8j / CVE-2026-29082, which covers only FilePreview.vue rendering .md files from execution outputs. The present finding affects different components, different data sources, and requires significantly less user interaction (zero-click for input.displayName). As of time of publication, it is unclear if a patch is available.
Published: 2026-03-26
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Stored cross‑site scripting that allows arbitrary JavaScript execution in the Kestra web interface
Action: Patch
AI Analysis

Impact

Kestra renders user‑supplied metadata from flow YAML files through a Markdown component with HTML enabled. The rendered content is directly injected into the page via Vue's v‑html directive without sanitization, allowing a flow author to embed malicious JavaScript. When any user views or interacts with the affected flow, the script executes in that user's browser, potentially stealing credentials or executing further actions.

Affected Systems

This vulnerability exists in all releases of Kestra up to and including version 1.3.3 issued by kestra‑io, affecting the Markdown.vue renderer used for flow metadata fields such as description, inputs[].displayName, and inputs[].description.

Risk and Exploitability

The flaw carries a CVSS score of 7.3, indicating high severity, while its EPSS score is below 1 % and it is not listed in the CISA KEV catalog, pointing to low probability of widespread exploitation. Nonetheless, the attack does not require any interaction from the victim beyond opening the flow, as the payload is stored and executed automatically. An attacker who can author or modify flows can leverage this to run arbitrary JavaScript in the context of any viewer’s session.

Generated by OpenCVE AI on March 31, 2026 at 06:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any available Kestra patch or upgrade to a version newer than 1.3.3 that removes the unsanitized rendering
  • If no patch is released, disable the html option in the Markdown.vue component or manually sanitize the submitted YAML fields before rendering
  • Restrict flow creation and editing privileges to trusted users only to limit who can inject malicious content
  • Deploy a strict Content Security Policy on the Kestra web interface to mitigate the impact of any script execution
  • Monitor application logs and user activity for signs of malicious script injection or execution

Generated by OpenCVE AI on March 31, 2026 at 06:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
First Time appeared Kestra
Kestra kestra
CPEs cpe:2.3:a:kestra:kestra:*:*:*:*:*:*:*:*
Vendors & Products Kestra
Kestra kestra

Fri, 27 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Kestra-io
Kestra-io kestra
Vendors & Products Kestra-io
Kestra-io kestra

Thu, 26 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
Description Kestra is an open-source, event-driven orchestration platform Versions up to and including 1.3.3 render user-supplied flow YAML metadata fields — description, inputs[].displayName, inputs[].description — through the Markdown.vue component instantiated with html: true. The resulting HTML is injected into the DOM via Vue's v-html without any sanitization. This allows a flow author to embed arbitrary JavaScript that executes in the browser of any user who views or interacts with the flow. This is distinct from GHSA-r36c-83hm-pc8j / CVE-2026-29082, which covers only FilePreview.vue rendering .md files from execution outputs. The present finding affects different components, different data sources, and requires significantly less user interaction (zero-click for input.displayName). As of time of publication, it is unclear if a patch is available.
Title Kestra Vulnerable to Stored Cross-Site Scripting via Flow YAML Fields
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N'}

Subscriptions

Kestra Kestra
Kestra-io Kestra
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-27T13:55:17.704Z

Reserved: 2026-03-23T15:23:42.220Z

Link: CVE-2026-33664

cve-icon Vulnrichment

Updated: 2026-03-27T13:32:44.415Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-26T22:16:29.727

Modified: 2026-03-31T01:48:34.413

Link: CVE-2026-33664

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-31T20:01:28Z

Weaknesses