CVE-2026-33758

Critical CVSS: 9.4

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao installations that have an OIDC/JWT authentication method enabled and a role with `callback_mode=direct` configured are vulnerable to XSS via the `error_description` parameter on the page for a failed authentication. This allows an attacker access to the token used in the Web UI by a victim. The `error_description` parameter has been replaced with a static error message in v2.5.2. The vulnerability can be mitigated by removing any roles with `callback_mode` set to `direct`.

Vendor

Openbao

Product

Openbao

CWE

CWE-20

Yayın Tarihi

2026-03-27 15:16:57

Güncelleme

2026-03-30 17:21:54

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-20 Openbao CRITICAL Openbao 2026

Referanslar

https://github.com/openbao/openbao/commit/6e2b2dd84f0e47cebc90d6e79609dd5274732662 https://github.com/openbao/openbao/pull/2709 https://github.com/openbao/openbao/releases/tag/v2.5.2 https://github.com/openbao/openbao/security/advisories/GHSA-cpj3-3r2f-xj59

Benzer Kayıtlar

Critical

CVE-2026-33757

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for…

High

CVE-2025-64761

OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could…

High

CVE-2025-59048

OpenBao's AWS Plugin generates AWS access credentials based on IAM policies. Prior to version 0.1.1, the AWS Plugin is v…

Medium

CVE-2025-62705

OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao's audit log did not…

Medium

CVE-2025-62513

OpenBao is an open source identity-based secrets management system. In versions 2.2.0 to 2.4.1, OpenBao's audit log expe…

High

CVE-2025-59043

OpenBao is an open source identity-based secrets management system. In OpenBao versions prior to 2.4.1, JSON objects aft…