CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-23960: Argo Workflows: The Artifact Directory Trap

Vulnerability ID: CVE-2026-23960
CVSS Score: 8.1
Published: 2026-01-21

A high-severity Stored Cross-Site Scripting (XSS) vulnerability exists in the Argo Workflows Artifact Server. By crafting malicious filenames in workflow outputs, attackers can inject arbitrary JavaScript that executes when an administrator views the artifact directory listing.

TL;DR

Argo Workflows didn't sanitize filenames in its artifact browser. An attacker can create a file named <script>alert(1)</script>, and when an admin views the file list in the UI, the script executes. This leads to session hijacking and potential Kubernetes cluster compromise via the Argo API.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-79
  • Attack Vector: Network
  • CVSS: 8.1 (High)
  • Exploit Status: PoC Available
  • Privileges Required: Low (Workflow Submitter)
  • User Interaction: Required

Affected Systems

  • Argo Workflows Server
  • Argo UI (Artifacts Tab)
  • Argo Workflows: < 3.6.17 (Fixed in: 3.6.17)
  • Argo Workflows: < 3.7.8 (Fixed in: 3.7.8)

Code Analysis

Commit: 159a5c5

fix: sanitize artifact filenames in directory listing and add CSP headers

- fmt.Fprintf(w, "<li><a href=\"%s\">%s</a></li>\n", file, file)
+ tmpl.Execute(w, file)
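
Review bot: the added call tmpl.Execute(w, file) drops the error that Execute returns. It can fail after part of the listing has already been written, so check the result and log it or abort the response. The removed line placed file in two positions, the href attribute and the link text, and the definition of tmpl is not part of this hunk, so the review should also confirm that tmpl is built with 'html/template' rather than 'text/template' and that it covers both positions, with a test that feeds it a filename containing markup.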

Mitigation Strategies

  • Input Sanitization: Never trust filenames from object storage.
  • Context-Aware Output Encoding: Use 'html/template' instead of string formatting.
  • Content Security Policy (CSP): Implement 'sandbox' directives for user-generated content.
  • Defense in Depth: Prepend relative paths to href attributes.
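
The mitigations above, shown together as an added example (not code from the Argo Workflows repository): the string-formatting pattern next to a listing rendered with 'html/template', a "./" prefix on every href, and a sandbox CSP header. The names listingTmpl, entry, unsafeListing, safeListing and render are hypothetical, and the filenames are constructed samples.

```go
package main

import (
	"fmt"
	"html/template"
	"net/http"
	"net/http/httptest"
	"strings"
)

// listingTmpl is hypothetical (not the Argo template); html/template escapes per context.
var listingTmpl = template.Must(template.New("dir").Parse(
	`<ul>{{range .}}<li><a href="{{.Href}}">{{.Name}}</a></li>{{end}}</ul>`))
type entry struct{ Href, Name string }

// unsafeListing reproduces the pre-fix pattern: filenames go straight into HTML.
func unsafeListing(files []string) string {
	var b strings.Builder
	for _, f := range files {
		fmt.Fprintf(&b, "<li><a href=\"%s\">%s</a></li>\n", f, f)
	}
	return b.String()
}

// safeListing renders with contextual escaping, forces each href to be a
// relative path via the "./" prefix, and sets a sandbox CSP on the response.
func safeListing(w http.ResponseWriter, files []string) error {
	entries := make([]entry, 0, len(files))
	for _, f := range files {
		entries = append(entries, entry{Href: "./" + f, Name: f})
	}
	w.Header().Set("Content-Security-Policy", "sandbox")
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	return listingTmpl.Execute(w, entries) // caller must handle the error
}

// render runs safeListing against an in-memory recorder; returns body and CSP.
func render(files []string) (string, string, error) {
	rec := httptest.NewRecorder()
	err := safeListing(rec, files)
	return rec.Body.String(), rec.Header().Get("Content-Security-Policy"), err
}

func main() {
	files := []string{"report.txt", "<script>alert(1)</script>"} // constructed sample
	fmt.Print(unsafeListing(files))
	body, csp, err := render(files)
	fmt.Printf("CSP: %s err: %v\n%s\n", csp, err, body)
}
```

The same assertions work as a regression test for any handler that lists object-storage keys: the raw tag must never appear in the response body, and every href must start with "./".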

Remediation Steps:

  1. Upgrade Argo Workflows to v3.6.17 or v3.7.8 immediately.
  2. If upgrading is not possible, disable the Artifact Server component via the workflow-controller-configmap.
  3. Configure a reverse proxy (Nginx/Envoy) in front of Argo Server to inject 'Content-Security-Policy: sandbox' headers for the /artifact-files/ path.

Read the full report for CVE-2026-23960 on our website for more details including interactive diagrams and full exploit analysis.