CVE-2026-9566
Deferred Deferred - Pending Action
Stored XSS in Teable Login Redirect Parameter

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: VulDB

Description
A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the component Sign-up. The manipulation of the argument redirect leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. Upgrading to version release.2026-04-21T08-57-20Z.1513 will fix this issue. The affected component should be upgraded. The vendor confirms: "The default branch of teableio/teable is develop, and the reported login redirect issue has already been fixed there. The login redirect flow now validates the redirect parameter with isValidRedirectPath() before navigation, which blocks javascript:, data:, and cross-origin redirects."
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-05-26
Generated
2026-06-16
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-9566
EUVD
EUVD-2026-31906
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
teableio teable to 1.9.x (inc)
teableio teable release.2026-04-21T08-57-20Z.1513
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not include any details on how the vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability exists in the Teable application, specifically in the sign-up component's LoginPage.tsx file. It involves improper handling of the redirect argument, which can be manipulated to perform a cross-site scripting (XSS) attack. An attacker can craft a malicious redirect URL containing unsafe protocols like javascript:, causing arbitrary JavaScript code to execute in the victim's browser after login.

The vulnerability arises because the redirect parameter is not properly validated or sanitized before being used in navigation, allowing remote attackers to exploit it. The issue has been fixed by validating the redirect parameter with a function that blocks unsafe protocols and cross-origin redirects.

Impact Analysis

This vulnerability can lead to several security impacts including execution of arbitrary JavaScript code in users' browsers, which can result in session hijacking, credential theft, or unauthorized actions performed on behalf of the user.

Because the attack can be carried out remotely and the exploit is publicly available, it increases the risk of exploitation by malicious actors.

Detection Guidance

This vulnerability involves improper handling of the redirect parameter in the LoginPage.tsx file, which can be exploited via crafted URLs containing malicious redirect parameters such as javascript: payloads.

Detection on your system or network can involve monitoring for suspicious URLs or HTTP requests that include unusual or unsafe redirect parameters, especially those containing javascript:, data:, or cross-origin URLs.

You can use network traffic inspection tools or web server logs to search for requests to the login page with suspicious redirect parameters.

  • Use grep or similar tools on web server logs to find requests with redirect parameters containing 'javascript:' or other unsafe schemes, e.g.:
  • grep -i 'redirect=javascript:' /var/log/nginx/access.log
  • Use web application firewall (WAF) rules to detect and block requests with unsafe redirect parameters.
  • Monitor browser console logs or client-side behavior for unexpected script execution after login.
Mitigation Strategies

The primary mitigation step is to upgrade the affected Teable component to the fixed version release.2026-04-21T08-57-20Z.1513 or later, where the redirect parameter is properly validated.

The fix involves validating the redirect parameter using a function like isValidRedirectPath() to block unsafe protocols such as javascript:, data:, and cross-origin redirects.

Until the upgrade can be applied, consider implementing input validation or filtering on the redirect parameter at the web server or application level to reject unsafe values.

Additionally, monitor and block suspicious requests that attempt to exploit this vulnerability using WAF rules or network security controls.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9566. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart