DEV Community

CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-22033: Label Studio: Tagging Admins for Takeover via IDOR & XSS


Vulnerability ID: CVE-2026-22033
CVSS Score: 8.6
Published: 2026-01-12

Label Studio allows an attacker to chain an Insecure Direct Object Reference (IDOR) with a stored Cross-Site Scripting (XSS) payload to hijack administrator accounts. The profile-update API does not restrict writes to the caller's own record, and the 'custom_hotkeys' value is rendered into the main HTML template as raw JSON inside an inline <script> block with autoescaping disabled, so a crafted hotkey string containing `<` and `>` can break out of the script context and inject JavaScript that executes in other users' browsers.

TL;DR

Label Studio versions <= 1.22.0 render user-defined hotkeys into the main HTML template without escaping `<` and `>`. Because the profile API also lacks an ownership check (IDOR), a low-privileged attacker can push a malicious hotkey configuration into an administrator's profile. The next time the admin loads the application, the injected JavaScript executes in their session, can exfiltrate their API token, and so hands the attacker full control over the instance. The vulnerability is rated High (CVSS 8.6), not Critical.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-79 (Improper Neutralization of Input During Web Page Generation, the XSS), CWE-284 (Improper Access Control, the IDOR)
  • Attack Vector: Network (AV:N)
  • CVSS v4.0: 8.6 (High)
  • Privileges Required: Low (PR:L)
  • User Interaction: None (UI:N)
  • Exploit Status: PoC Available

Affected Systems

  • Label Studio <= 1.22.0 (fixed in the first release after 1.22.0)
  • Label Studio Enterprise (affected versions; consult the advisory)

Code Analysis

Commit: ea2462b

fix: XSS vulnerability in custom_hotkeys rendering

-  var __customHotkeys = {{ user.custom_hotkeys|json_dumps_ensure_ascii|safe }};
+  var __customHotkeys = {{ user.custom_hotkeys|json_dumps_ensure_ascii|escape_lt_gt|safe }};
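Review bot: the patched line still ends in `|safe`, so correctness now rests entirely on what `escape_lt_gt` emits; please confirm it rewrites `<` and `>` as JSON string escapes (`\u003c`, `\u003e`) and not as HTML entities, because entity decoding does not happen inside a `<script>` element, so `&lt;` would reach the JavaScript as literal text and corrupt the hotkey value while a JSON escape parses back to the original character. The filter deserves a docstring stating that its purpose is to stop a `</script>` sequence in user data from closing the element, plus a regression test rendering a hotkey value that contains `</script>`. Note also that this hunk only addresses the rendering half: the IDOR that lets a low-privileged user write to another user's `custom_hotkeys` is untouched here and needs its own ownership check in the profile update endpoint.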

Exploit Details

  • GitHub Advisory: Official advisory containing the vulnerability description and impact.

Mitigation Strategies

  • Input Sanitization: validate hotkey definitions against the key names and modifiers the UI actually supports; a legitimate binding never needs `<` or `>`.
  • Output Encoding: JSON written into an inline <script> block must have `<` and `>` encoded as JSON escapes (as the escape_lt_gt filter in the fix does) so that user data can never close the script element; the `|safe` filter on its own disables Django's autoescaping.
  • Strict Access Control: profile update endpoints must only modify the authenticated user's own record unless the caller is an administrator.
  • Content Security Policy: a script-src policy without 'unsafe-inline' would stop the injected inline script, but the inline `__customHotkeys` assignment itself would then need a nonce or to move into an external file.

Remediation Steps:

  1. Upgrade Label Studio to a version later than 1.22.0 immediately.
  2. If upgrading is not possible, apply the patch manually by modifying label_studio/templates/base.html to include the escape_lt_gt filter or equivalent escaping logic; the escaping must produce JSON escapes (`\u003c`, `\u003e`), not HTML entities, since entity decoding does not apply inside a <script> block.
  3. Review users/api.py to ensure user profile updates are restricted to the authenticated user's own record (patching the IDOR).
  4. Rotate all API tokens for administrative users, since a successful attack exfiltrates them.
  5. Inspect every user's stored custom_hotkeys value for `<` or `>` characters; a legitimate binding never contains them, so any hit on an un-upgraded instance indicates an attempted or successful attack and the affected account should be treated as compromised.
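The following is an added example, not Label Studio's own code. It models both halves of the chain: the profile-update endpoint that must refuse writes to another user's record (the IDOR), and the template line patched in commit ea2462b, which emits user-controlled JSON into an inline <script> via `|safe`. The in-memory user store, field names and the sample payload are constructed for the demo, and `escape_lt_gt` is an assumed implementation of the filter the patch adds. The `audit_hotkeys` helper is the check from remediation step 5.

```python
"""Added example (not Label Studio code): IDOR check, vulnerable vs. fixed
rendering of custom_hotkeys, and a post-incident audit of stored configs."""
import json
import re

# Constructed in-memory "user table" standing in for the Django user model.
SAMPLE_USERS = [
    {"id": 1, "email": "admin@example.test", "is_superuser": True,
     "custom_hotkeys": {"annotation:submit": "</script><script>alert(document.domain)</script>"}},
    {"id": 2, "email": "annotator@example.test", "is_superuser": False,
     "custom_hotkeys": {"annotation:submit": "ctrl+enter"}},
]

# Constructed payload of the kind the TL;DR describes: a hotkey value that
# closes the script element early.  Harmless marker, no exfiltration code.
MALICIOUS_HOTKEYS = {
    "annotation:submit": "ctrl+enter",
    "annotation:skip": "</script><script>alert(document.domain)</script>",
}


def can_update_profile(actor_id, target_id, users):
    """Ownership check the profile endpoint needs: a user may write only their
    own record, an administrator may write any.  Omitting it is the IDOR."""
    actor = next(u for u in users if u["id"] == actor_id)
    return actor_id == target_id or actor["is_superuser"]


def update_custom_hotkeys(actor_id, target_id, hotkeys, users):
    """Simulated PATCH handler that enforces the ownership check."""
    if not can_update_profile(actor_id, target_id, users):
        raise PermissionError(f"user {actor_id} may not modify user {target_id}")
    target = next(u for u in users if u["id"] == target_id)
    target["custom_hotkeys"] = hotkeys
    return target


def json_dumps_ensure_ascii(value):
    """What the template filter name implies: JSON with non-ASCII escaped, so
    U+2028/U+2029 cannot terminate the JavaScript line either."""
    return json.dumps(value, ensure_ascii=True)


def escape_lt_gt(serialized):
    """Assumed behaviour of the filter added by the patch: rewrite '<' and '>'
    as JSON unicode escapes.  They are valid inside a JSON string and parse
    back to the same characters, but the HTML tokenizer never sees '</script'.
    HTML entities would NOT work: no entity decoding happens inside <script>."""
    return serialized.replace("<", "\\u003c").replace(">", "\\u003e")


def render_vulnerable(hotkeys):
    """Pre-patch template line: `|safe` disables autoescaping entirely."""
    return f"<script>var __customHotkeys = {json_dumps_ensure_ascii(hotkeys)};</script>"


def render_fixed(hotkeys):
    """Post-patch template line with the extra escaping step."""
    return f"<script>var __customHotkeys = {escape_lt_gt(json_dumps_ensure_ascii(hotkeys))};</script>"


_SCRIPT_CLOSE = re.compile(r"</script", re.IGNORECASE)


def script_breakouts(html):
    """'</script' sequences beyond the one that legitimately closes the block;
    anything above zero means user data ended the script element."""
    return len(_SCRIPT_CLOSE.findall(html)) - 1


def embedded_config(html):
    """Parse the JSON back out of the markup to show the fix preserves data."""
    match = re.search(r"var __customHotkeys = (.*);</script>$", html, re.DOTALL)
    return json.loads(match.group(1))


def audit_hotkeys(users):
    """Post-incident check for an un-upgraded instance: legitimate bindings
    never contain '<' or '>', so flag every stored config that does."""
    return [u["email"] for u in users
            if re.search(r"[<>]", json.dumps(u.get("custom_hotkeys") or {}))]


if __name__ == "__main__":
    vulnerable = render_vulnerable(MALICIOUS_HOTKEYS)
    fixed = render_fixed(MALICIOUS_HOTKEYS)
    print("breakouts before patch:", script_breakouts(vulnerable))  # 2
    print("breakouts after patch: ", script_breakouts(fixed))       # 0
    print("data preserved:", embedded_config(fixed) == MALICIOUS_HOTKEYS)
    print("profiles needing review:", audit_hotkeys(SAMPLE_USERS))
    print("annotator may edit admin:", can_update_profile(2, 1, SAMPLE_USERS))
```

Running it shows the pre-patch markup contains two extra `</script` sequences (the browser closes the element at the first one and parses the rest as HTML), while the patched markup contains none yet parses back to the identical hotkey dictionary. The audit flags the constructed admin record, and the ownership check refuses the annotator's write to the admin profile.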

References


Read the full report for CVE-2026-22033 on our website for more details including interactive diagrams and full exploit analysis.
