Reflected cross-site scripting (XSS) in github.com/openbao/openbao

Description

OpenBao has a reflected XSS in the error page shown when OIDC authentication fails.

Impact

OpenBao installations that have an OIDC/JWT authentication method enabled and at least one role configured with callback_mode=direct are vulnerable to reflected XSS: the error_description query parameter sent to the callback is reflected into the HTML page shown for a failed authentication, so an attacker who controls that parameter (for example through a crafted link) can inject script into the page.

Because the injected script runs in the Web UI's origin, it can read the token the victim's Web UI session holds and hand it to the attacker.

Patches

In v2.5.2 the failed-authentication page no longer reflects error_description; it shows a static error message instead.
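The following is an added illustration of the bug and of the fix described above; it is not OpenBao's code. It assumes that in direct callback mode the server itself renders the failed-login HTML page; the callback path, handler names, page wording and the constructed payload are all hypothetical. The vulnerable handler interpolates error_description straight into HTML, the fixed handler uses a static message as v2.5.2 does, and a third handler shows the alternative of escaping with html/template when the provider's text must be displayed.

```go
package main

import (
	"fmt"
	"html/template"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// Constructed payload that a crafted link (or a hostile identity provider)
// could place in error_description. If it reaches the browser unescaped it
// runs in the Web UI's origin and can read the session token.
const payload = `<script>alert(document.cookie)</script>`

// callbackPath is a placeholder; it is not OpenBao's real callback route.
const callbackPath = "/oidc/callback"

// vulnerableCallback models the pre-2.5.2 behaviour the advisory describes:
// error_description is interpolated into the HTML failure page with no
// escaping, so any markup in it is rendered and executed by the browser.
func vulnerableCallback(w http.ResponseWriter, r *http.Request) {
	desc := r.URL.Query().Get("error_description")
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	w.WriteHeader(http.StatusBadRequest)
	fmt.Fprintf(w, "<html><body><h1>Authentication failed</h1><p>%s</p></body></html>", desc)
}

// fixedCallback models the v2.5.2 fix: the page carries a static message and
// never echoes error_description, so there is nothing to inject into.
func fixedCallback(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	w.WriteHeader(http.StatusBadRequest)
	fmt.Fprint(w, "<html><body><h1>Authentication failed</h1><p>The identity provider rejected the login. Check the server logs for details.</p></body></html>")
}

// errorPage is used by escapedCallback, the alternative when the provider's
// text must be shown: html/template escapes the value for its HTML context,
// so the payload is displayed as text rather than executed.
var errorPage = template.Must(template.New("err").Parse(
	"<html><body><h1>Authentication failed</h1><p>{{.}}</p></body></html>"))

func escapedCallback(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	w.WriteHeader(http.StatusBadRequest)
	_ = errorPage.Execute(w, r.URL.Query().Get("error_description"))
}

// render drives a handler with a constructed failed-login callback request
// and returns the HTML body the browser would receive.
func render(h http.HandlerFunc, errorDescription string) string {
	q := url.Values{}
	q.Set("error", "access_denied")
	q.Set("error_description", errorDescription)
	req := httptest.NewRequest(http.MethodGet, callbackPath+"?"+q.Encode(), nil)
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Body.String()
}

// reflectsPayload reports whether the raw payload reaches the browser unescaped.
func reflectsPayload(h http.HandlerFunc) bool {
	return strings.Contains(render(h, payload), payload)
}

func main() {
	handlers := []struct {
		name string
		h    http.HandlerFunc
	}{
		{"vulnerable (pre-2.5.2)", vulnerableCallback},
		{"fixed (static message)", fixedCallback},
		{"escaped (html/template)", escapedCallback},
	}
	for _, hh := range handlers {
		fmt.Printf("%-24s script reaches browser: %v\n", hh.name, reflectsPayload(hh.h))
	}
}
```

The static message is the stronger of the two fixes: escaping protects the HTML text context, but a message controlled by the identity provider is still attacker-influenced content on a login page, and dropping it removes the attack surface entirely.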

Workarounds

Until the upgrade is applied, the vulnerability can be mitigated by removing (or reconfiguring) every OIDC/JWT role whose callback_mode is set to direct; check each role's configuration, since only roles in direct mode reach the affected error page.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.
