CVE-2026-54303 Overview
CVE-2026-54303 is a reflected cross-site scripting (XSS) vulnerability in n8n, an open source workflow automation platform. An endpoint in the Meta and Microsoft Teams trigger nodes reflects a user-controlled query parameter directly into the HTTP response. The endpoint applies no sanitization and emits no Content-Security-Policy headers. A logged-in user who visits a crafted URL executes attacker-supplied JavaScript in the n8n origin. The flaw is classified under [CWE-79] and affects n8n versions prior to 2.24.0. The maintainers fixed the issue in version 2.24.0.
Critical Impact
Attackers can execute arbitrary JavaScript in the n8n origin against authenticated users, enabling session abuse, credential theft, and workflow manipulation.
Affected Products
- n8n workflow automation platform versions prior to 2.24.0
- Meta trigger node endpoint
- Microsoft Teams trigger node endpoint
Discovery Timeline
- 2026-06-23 - CVE-2026-54303 published to NVD
- 2026-06-24 - Last updated in NVD database
Technical Details for CVE-2026-54303
Vulnerability Analysis
The vulnerability resides in a webhook-style endpoint used by the Meta and Microsoft Teams trigger nodes. The endpoint receives a query parameter and echoes that value back into the HTTP response body. Because the server neither HTML-encodes the value nor sets a restrictive Content-Security-Policy header, browsers parse injected markup as executable script.
Reflected XSS in the n8n origin grants the attacker the same browser context as the authenticated user. The script can read session cookies that lack the HttpOnly flag, issue authenticated API calls, exfiltrate workflow data, and modify automation logic. n8n workflows commonly hold OAuth tokens, API keys, and database credentials, which raises the downstream impact of any successful in-origin script execution.
The attack requires user interaction. A victim with an active n8n session must click an attacker-supplied link, typically delivered through phishing, chat, or a malicious referrer.
Root Cause
The trigger node endpoint concatenates an unsanitized query parameter into the response. Two controls are missing: output encoding for HTML contexts and a Content-Security-Policy header that would block inline script execution. Either control alone would have prevented exploitation.
Attack Vector
An attacker crafts a URL targeting the vulnerable Meta or Microsoft Teams trigger endpoint, embedding JavaScript in the reflected query parameter. The attacker delivers the URL to an authenticated n8n user. When the browser renders the response, the injected script executes inside the n8n origin and acts on behalf of the victim. See the GitHub Security Advisory GHSA-h86q-fx34-gfjr for vendor technical details.
Detection Methods for CVE-2026-54303
Indicators of Compromise
- HTTP requests to Meta or Microsoft Teams trigger node endpoints containing query parameters with <script>, javascript:, onerror=, or encoded variants such as %3Cscript%3E.
- Outbound requests from authenticated n8n browser sessions to unfamiliar domains immediately after a trigger endpoint request.
- Unexpected workflow modifications, credential reads, or API key exports correlated with a user who recently clicked an external link.
Detection Strategies
- Inspect reverse proxy and web application firewall logs for trigger node URLs containing script tags or event handler attributes in query strings.
- Review n8n audit logs for authenticated actions that originate from sessions with anomalous Referer headers pointing to external domains.
- Correlate browser-side errors and Content-Security-Policy violation reports, where available, against trigger node request paths.
Monitoring Recommendations
- Enable verbose access logging on the n8n reverse proxy and retain query string contents for trigger endpoints.
- Alert on any 200 response from Meta or Microsoft Teams trigger endpoints where the query string contains angle brackets or URL-encoded HTML entities.
- Monitor workflow credential and export API calls for unusual frequency or off-hours activity tied to interactive user sessions.
How to Mitigate CVE-2026-54303
Immediate Actions Required
- Upgrade n8n to version 2.24.0 or later on all self-hosted and managed instances.
- Invalidate active user sessions after upgrade and require re-authentication.
- Rotate credentials, OAuth tokens, and API keys stored in n8n if exploitation is suspected.
Patch Information
The maintainers fixed CVE-2026-54303 in n8n version 2.24.0. Operators should upgrade according to the official release notes and the GitHub Security Advisory GHSA-h86q-fx34-gfjr.
Workarounds
- Block access to the affected Meta and Microsoft Teams trigger endpoints at the reverse proxy until the upgrade completes.
- Deploy a web application firewall rule that rejects requests to trigger endpoints containing <, >, or javascript: in query parameters.
- Enforce a strict Content-Security-Policy header at the reverse proxy, disallowing inline scripts and restricting script-src to trusted origins.
# Example nginx rule to block suspicious query parameters on trigger endpoints
location ~ ^/webhook/.*(meta|microsoft-teams) {
if ($args ~* "(<|%3C)(script|img|svg|iframe)") {
return 403;
}
add_header Content-Security-Policy "default-src 'self'; script-src 'self'; object-src 'none'" always;
proxy_pass http://n8n_backend;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

