CVE Vulnerability Database

CVE-2026-41472: CyberPanel Stored XSS Vulnerability

CVE-2026-41472 is a stored cross-site scripting flaw in CyberPanel that allows unauthenticated attackers to inject malicious JavaScript via the AI Scanner dashboard, potentially leading to remote code execution.

CVE-2026-41472 Overview

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting (XSS) vulnerability in the AI Scanner dashboard. The POST /api/ai-scanner/callback endpoint lacks proper authentication, allowing unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of ScanHistory records. When an administrator visits the AI Scanner dashboard, the injected JavaScript executes within their authenticated session, enabling attackers to issue same-origin requests to plant cron jobs and ultimately achieve remote code execution on the server.

Critical Impact

Unauthenticated attackers can chain stored XSS with cron job manipulation to achieve full remote code execution on CyberPanel servers, compromising all hosted websites and sensitive data.

Affected Products

  • CyberPanel versions prior to 2.4.4
  • CyberPanel AI Scanner dashboard component
  • Systems with the /api/ai-scanner/callback endpoint exposed

Discovery Timeline

  • 2026-04-24 - CVE-2026-41472 published to NVD
  • 2026-04-28 - Last updated in NVD database

Technical Details for CVE-2026-41472

Vulnerability Analysis

This vulnerability represents a dangerous attack chain combining an unauthenticated stored XSS vulnerability with privilege escalation to achieve remote code execution. The root issue lies in the AI Scanner callback endpoint accepting unauthenticated POST requests that can modify scan history records displayed to administrators.

The attack flow begins when an attacker sends a crafted POST request to /api/ai-scanner/callback containing malicious JavaScript payloads within the findings_json field. Because this endpoint lacks authentication checks, any remote attacker can inject arbitrary content. The stored payload persists in the database and executes whenever an administrator views the AI Scanner dashboard, running with the administrator's session privileges.

The downstream impact is severe: the injected JavaScript can use the administrator's authenticated session to make same-origin requests to CyberPanel's administrative functions. Attackers specifically target cron job creation endpoints to establish persistent backdoor access, effectively escalating from XSS to full remote code execution on the underlying server.

Root Cause

The vulnerability stems from two critical security failures: missing authentication on the /api/ai-scanner/callback endpoint and insufficient input sanitization of the findings_json field before rendering in the administrator dashboard. The combination of these flaws enables unauthenticated stored XSS with significant downstream exploitation potential.

Attack Vector

The attack is network-based and requires no authentication. An attacker sends a malicious POST request to the vulnerable callback endpoint to store JavaScript payloads. User interaction is required: an administrator must visit the AI Scanner dashboard for the payload to execute. Once triggered, the JavaScript runs with full administrative privileges, allowing the attacker to:

  1. Access sensitive configuration data
  2. Create malicious cron jobs for persistent access
  3. Execute arbitrary commands on the server
  4. Compromise all websites hosted on the CyberPanel instance

The following patch was applied to address access control issues in CyberPanel v2.4.4:

python
             else:
                 if childDomain.master.admin.owner == admin.pk:
                     return 1
+                else:
+                    return 0
 
         except:
             domainName = Websites.objects.get(domain=domain)
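Review bot: the added `else: return 0` turns a silent fall-through into an explicit denial: before this hunk, a child domain whose `master.admin.owner` did not equal `admin.pk` left the `if` without returning, so callers received an implicit `None` instead of a definite 0. Two follow-ups for the same region: the bare `except:` directly below still catches every exception (including an attribute error on `childDomain.master`) and falls through to `Websites.objects.get(domain=domain)`, which re-resolves the name as a top-level website, so a failure on the ownership path is not treated as a denial; narrowing it to the ORM's lookup exception would keep the access decision off the error path. Also worth stating plainly in the surrounding text: the lines shown are the child-domain ownership check, not the authentication change on `/api/ai-scanner/callback` described above, which does not appear in this hunk.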

Source: GitHub Commit Change

Additional changes were made to improve filtering logic for child domains:

python
             childDomains = []

             for web in websites:
-                for child in web.childdomains_set.filter(alais=0):
-                    if child.domain == f'mail.{web.domain}':
-                        pass
-                    else:
-                        childDomains.append(child)
+                for child in web.childdomains_set.all():
+                    if child.alais == 0:
+                        if child.domain == f'mail.{web.domain}':
+                            pass
+                        else:
+                            childDomains.append(child)

             pagination = self.getPagination(len(childDomains), recordsToShow)
             json_data = self.findChildsListJson(childDomains[finalPageNumber:endPageNumber])
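Review bot: replacing `web.childdomains_set.filter(alais=0)` with `.all()` plus an in-Python `if child.alais == 0` keeps the same selection but moves the filter out of the database, so every child-domain row is now fetched per website inside a loop that already runs once per website; unless the query-side filter was failing for a reason the commit does not show, the database is the better place for it. Either way the `if ...: pass / else: append` shape can be collapsed to one condition, e.g. `if child.alais == 0 and child.domain != f'mail.{web.domain}': childDomains.append(child)`. Nothing in this hunk touches the `/api/ai-scanner/callback` endpoint the page describes; it is a listing change, not an access-control fix.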

Source: GitHub Commit Change

Detection Methods for CVE-2026-41472

Indicators of Compromise

  • Unexpected POST requests to /api/ai-scanner/callback from external IP addresses
  • Suspicious JavaScript code or HTML tags present in ScanHistory database records
  • Unauthorized cron job entries created through the CyberPanel interface
  • Web server logs showing unauthenticated access attempts to AI Scanner endpoints

Detection Strategies

  • Implement web application firewall (WAF) rules to detect XSS payloads in POST request bodies targeting the AI Scanner callback endpoint
  • Monitor database queries and modifications to the ScanHistory table for anomalous content patterns
  • Configure SIEM rules to alert on unusual administrative actions following AI Scanner dashboard access
  • Deploy endpoint detection solutions to identify unexpected cron job creations or shell commands

Monitoring Recommendations

  • Enable detailed logging for all requests to /api/ai-scanner/* endpoints
  • Implement real-time alerting for unauthenticated API access attempts
  • Monitor cron job configurations for unauthorized additions or modifications
  • Review administrator session activity logs for suspicious same-origin requests following dashboard access
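As an added example (not part of this page or of CyberPanel), a Python check covering the indicators and monitoring items above: it flags POSTs to /api/ai-scanner/callback from addresses outside a trusted set in access-log lines, and walks ScanHistory findings_json documents for HTML or script markup. The log lines and records are constructed samples, and the log format is assumed to be the common combined format.

```python
import json
import re

# Constructed sample access-log lines (combined log format), not real CyberPanel logs.
SAMPLE_LOG = """\
127.0.0.1 - - [24/Apr/2026:10:01:02 +0000] "POST /api/ai-scanner/callback HTTP/1.1" 200 17 "-" "python-requests/2.31"
203.0.113.45 - - [24/Apr/2026:10:05:09 +0000] "POST /api/ai-scanner/callback HTTP/1.1" 200 17 "-" "curl/8.4.0"
198.51.100.7 - - [24/Apr/2026:10:06:11 +0000] "GET /api/ai-scanner/dashboard HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""
# Constructed ScanHistory.findings_json values: one clean, one carrying markup.
CLEAN_RECORD = '{"scan_id": 101, "findings": [{"severity": "high", "description": "Outdated plugin: contact-form 1.2"}]}'
TAINTED_RECORD = '{"scan_id": 102, "findings": [{"severity": "low", "description": "<script>alert(1)</script>"}]}'

CALLBACK_PATH = "/api/ai-scanner/callback"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# Tag openers, javascript: URLs and inline event handlers; scanner findings text should never contain these.
MARKUP_RE = re.compile(r"<\s*/?\s*[a-zA-Z]|javascript\s*:|\bon[a-z]+\s*=", re.IGNORECASE)


def flag_external_callback_posts(log_text, trusted=("127.0.0.1", "::1")):
    """Return (ip, timestamp) for every POST to the callback endpoint from an address outside `trusted`."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] == CALLBACK_PATH and m["ip"] not in trusted:
            hits.append((m["ip"], m["ts"]))
    return hits


def suspicious_strings(findings_json):
    """Walk one findings_json document and return every string (key or value) that carries markup."""
    try:
        doc = json.loads(findings_json)
    except json.JSONDecodeError:
        return ["<unparseable findings_json>"]  # a record that is not JSON at all is itself a red flag
    found = []

    def walk(node):
        if isinstance(node, str):
            if MARKUP_RE.search(node):
                found.append(node)
        elif isinstance(node, dict):
            for key, value in node.items():
                walk(key)
                walk(value)
        elif isinstance(node, list):
            for value in node:
                walk(value)
    walk(doc)
    return found
```

Run the two functions over the real access log and a dump of the ScanHistory table; any hit from the second function identifies a record to quarantine before an administrator opens the dashboard.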

How to Mitigate CVE-2026-41472

Immediate Actions Required

  • Upgrade CyberPanel to version 2.4.4 or later immediately
  • Review existing ScanHistory records for signs of injected malicious content
  • Audit cron jobs on affected systems for unauthorized entries
  • Temporarily restrict network access to the /api/ai-scanner/callback endpoint if patching cannot be performed immediately

Patch Information

CyberPanel has released version 2.4.4, which addresses this vulnerability by implementing proper authentication checks on the AI Scanner callback endpoint and sanitizing input before storage. The security patch is available through the official GitHub repository. Additional technical analysis is available in the ITsRez RCE Analysis and the VulnCheck CyberPanel Advisory.
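As an added example that is not CyberPanel's code, a framework-agnostic Python sketch of the two fixes described in the Root Cause and Patch Information sections: a bearer-token check on the callback (the token value, the header name and the `handle_callback` interface are assumptions) and HTML-escaping of every string in findings_json before storage, with size, type and nesting limits on the document.

```python
import hmac
import html
import json

# Hypothetical shared secret for the scanner service; in practice load it from protected
# server configuration rather than hard-coding it. Value constructed for this example.
EXPECTED_TOKEN = "constructed-example-token"


class CallbackRejected(Exception):
    """Raised for any request the callback endpoint must not act on."""


def authenticate(headers, expected_token=EXPECTED_TOKEN):
    """Require a bearer token and compare it in constant time; the vulnerable endpoint had no check."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer" or not hmac.compare_digest(token.encode(), expected_token.encode()):
        raise CallbackRejected("missing or invalid callback token")


def sanitize(node, depth=0):
    """Recursively HTML-escape every string (keys included) so stored findings are inert when rendered."""
    if depth > 32:
        raise CallbackRejected("findings_json nested too deeply")
    if isinstance(node, str):
        return html.escape(node, quote=True)
    if isinstance(node, dict):
        return {html.escape(str(k), quote=True): sanitize(v, depth + 1) for k, v in node.items()}
    if isinstance(node, list):
        return [sanitize(v, depth + 1) for v in node]
    if node is None or isinstance(node, (bool, int, float)):
        return node
    raise CallbackRejected(f"unsupported value type {type(node).__name__}")


def handle_callback(headers, body, max_bytes=256_000):
    """Validate one callback; return (True, json_to_store) or (False, rejection_reason)."""
    try:
        authenticate(headers)
        if len(body) > max_bytes:
            raise CallbackRejected("body too large")
        try:
            doc = json.loads(body)
        except json.JSONDecodeError:
            raise CallbackRejected("malformed JSON") from None
        if not isinstance(doc, dict) or "scan_id" not in doc:
            raise CallbackRejected("findings document must be an object with scan_id")
        return True, json.dumps(sanitize(doc), separators=(",", ":"))
    except CallbackRejected as exc:
        return False, str(exc)
```

Escaping at storage time mirrors what the page describes for 2.4.4; the dashboard template should still encode on output, since records written before the patch are not covered by this check.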

Workarounds

  • Block external access to /api/ai-scanner/callback at the firewall or reverse proxy level until patching is complete
  • Implement Content Security Policy (CSP) headers to mitigate XSS impact
  • Restrict CyberPanel administrative interface access to trusted IP addresses only
  • Consider disabling the AI Scanner feature if not actively used

```nginx
# Example: restrict the AI Scanner callback endpoint to local requests (nginx reverse proxy).
# allow/deny are evaluated in the access phase and already answer 403 to denied clients; an
# unconditional "return 403;" runs earlier (rewrite phase) and would block 127.0.0.1 as well.
# If a scanner service legitimately posts callbacks from another host, allow its address too.
location /api/ai-scanner/callback {
    allow 127.0.0.1;
    deny all;
}
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
