Craft CMS Stored XSS Vulnerability (CVE-2026-27126) in editableTable Component

Thinking Process: 1. Analyze the Request: Task: Translate a Chinese vulnerability intelligence summary to English. Role: Professional translator specializing in cybersecurity. Constraints: Maintain all Markdown formatting intact. Do not add any introductory or concluding remarks. Just output the English translation. Input: A Markdown snippet containing vulnerability details (Type, CVE, Severity, Component, Description, Affected/Fixed Versions, Prerequisites, Reproduction Steps, References). 2. Analyze the Input Content: Header: (Key Vulnerability Information) Section 1: (Vulnerability Details) Type: 存储型 XSS (Stored XSS) CVE ID: CVE-2026-27126 Severity: 低 (Low) Component: component, when using column type Description: Stored XSS vulnerability when using column type stored in table fields. App doesn't sanitize input, allows attacker to execute arbitrary JS when another user views the page and displays malicious table fields. Section 2: (Affected Versions and Fixed Versions) Affected: >= 4.5.0-RC1, = 5.0.0-RC1, (Or "Key Vulnerability Information". "Critical" might be too strong given severity is Low. "Key" is safer, but "Vulnerability Summary" is common. Let's stick close to the meaning. "Key Vulnerability Information" is fine, or "Vulnerability Summary". Given it's a summary, "Vulnerability Summary" sounds more natural in English security reports. However, "关键" often translates to "Critical" in titles, but contextually it means "Key/Important". Let's use "Key Vulnerability Information" to be faithful, or "Vulnerability Summary". I will use "Key Vulnerability Information" to stay close to the source, but "Vulnerability Details" is often used for the whole doc. Let's go with .) Section 1: -> : : : : : : : Text: "When using the column type stored in table fields, there is a stored cross-site scripting (XSS) vulnerability. The application does not sanitize input, allowing an attacker to execute arbitrary JavaScript code when another user views the page and displays malicious table fields." Section 2: -> : : Section 3: -> Text: "Requires an administrator account" Text: " must be enabled in the production environment, which violates our security recommendations." Section 4: -> Step 1: Navigate to and create a new field of type . Step 2: Add a column header and set the column type to . Note: The vulnerable column type is , but it is not available in the user interface dropdown menu. Step 3: In the "Default Value" section, add a row using the following payload: Step 4: Enable static rows. Step 5: Intercept the request using a proxy tool (e.g., Burp Suite), or use directly. Step 6: Modify the request body, changing the parameter from to . Step 7: Send the request to save the field. Step 8: Use this field for any object (e.g., user profile field) -> Then access any user's profile. Step 9: Observe the execution of the XSS. Step 10: The XSS will also be triggered when an administrator attempts to edit the field, as the malicious payload is executed within the field configuration page. Section 5: -> 4. Review and Refine: Check Markdown syntax (headers, lists, code blocks, bold text). Ensure technical terms are accurate (e.g., "Stored XSS", "Payload", "Sanitize", "Prerequisites"). Ensure the tone is professional. Check specific terms: , , , . Keep these as is. Check version ranges: . Keep format. Check code block content: . Keep as is. Check link format: . Keep as is. Refinement on "关键漏洞信息": In security contexts, "Key Vulnerability Information" is okay, but "Vulnerability Summary" is often preferred. However, "关键" literally means "Key" or "Critical". Since the severity is Low, "Critical" is misleading. "Key" is better. I will use . Refinement on "存储型 XSS": "Stored XSS" is the standard term. Refinement on "列类型": "Column type". Refinement on "单行文本": "Single Line Text". Refinement on "静态行": "Static rows". Refinement on "有效负载": "Payload". Refinement on "清洗": "Sanitize". 5. Final Polish: Make sure no extra text is added before or after the markdown block. Self-Correction on Step 2 Note: "注意：易受攻击的列类型是 ，但它不在用户界面的下拉菜单中。" -> "Note: The vulnerable column type is , but it is not available in the user interface dropdown menu." Self-Correction on Step 10: "在管理员尝试编辑该字段时，XSS 也将被触发，因为恶意有效负载在字段配置页面内被执行。" -> "The XSS will also be triggered when an administrator attempts to edit the field, as the malicious payload is executed within the field configuration page." Looks good. Ready to generate output. 6. Final Check against Constraints: Markdown formatting intact? Yes. No intro/outro? Yes. Professional cybersecurity tone? Yes. Let's assemble the final output. Wait, I need to check the original markdown indentation for lists. Original: - 受影响版本: - >= 4.5.0-RC1, = 5.0.0-RC1, = 4.5.0-RC1, = 5.0.0-RC1, "Key Vulnerability Information" is literal. "Vulnerability Summary" is more idiomatic. Given the instruction is to translate, I should balance accuracy and idiom. "Key Vulnerability Information" is safe. "严重性": "Severity". "组件": "Component". "描述": "

Goal Reached Thanks to every supporter — we hit 100%!

Craft CMS Stored XSS Vulnerability (CVE-2026-27126) in editableTable Component

More from this source