CVE-2026-7299

Published: Jun 02, 2026 Last Modified: Jun 02, 2026
MEDIUM 6.3
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: low
Availability: none

Description


The autocomplete functionality of Appsmith's SQL query editor fails to sanitize database object names before rendering them via innerHTML, allowing an authenticated Developer to inject persistent XSS through malicious table or column names, which triggers arbitrary code execution in the sessions of other workspace members when they interact with the same datasource.
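The rendering flaw the description names, as an added illustration that is not Appsmith's code: a suggestion list built from database object names, once through raw string interpolation destined for innerHTML and once with the names escaped, plus a check a defender can run over schema metadata to flag object names that carry markup characters. The function names and the sample column list are constructed for this example.

```javascript
// Constructed sample: a column list in which one name carries HTML markup,
// the kind of object name the advisory describes as a stored-XSS carrier.
const SAMPLE_COLUMNS = ["id", "email", "name<s>injected</s>"];

// Vulnerable pattern: the raw name is interpolated into markup that is later
// assigned to innerHTML, so markup inside a table or column name becomes live DOM.
function renderSuggestionsUnsafe(names) {
  return names.map((n) => `<li class="suggestion">${n}</li>`).join("");
}

// Minimal HTML escaping for text content and double-quoted attribute values.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Hardened pattern: object names are escaped before interpolation, so the
// browser displays the literal name instead of parsing it as markup.
function renderSuggestionsSafe(names) {
  return names.map((n) => `<li class="suggestion">${escapeHtml(n)}</li>`).join("");
}

// Detection aid: flag identifiers containing characters that have no place in
// an ordinary table or column name; run it over the schema a datasource reports.
function findSuspiciousNames(names) {
  return names.filter((n) => /[<>"'&]/.test(n));
}

// Where a real DOM is available, prefer building nodes with textContent over
// innerHTML; a text node is never parsed as HTML regardless of its content.
function appendSuggestions(listEl, names, doc = globalThis.document) {
  for (const n of names) {
    const li = doc.createElement("li");
    li.className = "suggestion";
    li.textContent = n;
    listEl.appendChild(li);
  }
}
```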

https://www.kb.cert.org/vuls/id/265691
https://github.com/appsmithorg/appsmith/commit/99d69180919981ed9bc5484050d809a5…
https://github.com/appsmithorg/appsmith/pull/41666
https://github.com/appsmithorg/appsmith/releases/tag/v2.1
https://github.com/appsmithorg/appsmith/security/advisories/GHSA-vvxf-f8q9-86gh
https://github.com/Stuub/Appsmith-1.98-Stored-XSS-Exploit