CVE-2026-12047
HTML Injection in pgAdmin 4 Cloud Module

Publication date: 2026-06-19

Last updated on: 2026-06-19

Assigner: PostgreSQL

Description
HTML injection in pgAdmin 4's cloud deployment module. The verify_credentials, deploy, regions, and update-server endpoints under /rds/, /azure/, /google/, and the top-level /cloud/ blueprint propagated AWS / Azure / Google SDK exception text (and the related file-resolution and database-commit exception text) into the JSON response body (the info and errormsg fields) without HTML-encoding. The Cloud Wizard frontend rendered these strings through html-react-parser, so an attacker-influenced exception message embedded structural HTML directly into the wizard's DOM.

The reported entry point is /rds/verify_credentials/. An authenticated pgAdmin user submits a crafted access_key whose value contains an <iframe/src=...> payload; AWS STS rejects the credential with an IncompleteSignature exception whose text quotes the access_key verbatim; the pgAdmin backend forwards that text into the JSON info field; and the Cloud Wizard's FormFooterMessage parses it as HTML. The browser fetches the iframe's src from an attacker-controlled host, and JavaScript executing inside the cross-origin iframe writes to parent.location, redirecting the victim's pgAdmin tab. Because the injection renders inside pgAdmin's own interface, X-Frame-Options and Content-Security-Policy frame-ancestors do not mitigate it. Baseline impact is self-targeted (the same user who supplied the payload sees the injection); escalation against other authenticated users requires an additional cross-site request-forgery primitive capable of submitting the malformed credential request with a valid X-pgA-CSRFToken in the victim's browser context.

The same unsanitised-error-into-JSON pattern was present across multiple sibling endpoints: Azure's check_cluster_name_availability; every Google endpoint that surfaces SDK errors (verification_ack, projects, regions, instance_types, database_versions, and the verify_credentials path-resolution branches); the central /deploy endpoint, which bubbles up str(e) from deploy_on_rds / deploy_on_azure / deploy_on_google; and update_cloud_server, which surfaces the str(e) from a failing db.session.commit. All of these are now covered. The fix HTML-escapes every external/SDK exception string at the endpoint sink via a new shared sanitize_external_text helper (HTML escape with control-character strip), promoted out of the psycopg3 driver into web/pgadmin/utils/text_sanitize.py. The Cloud Wizard frontend additionally renders its FormFooterMessage in plain-text mode for backend-derived strings, so the value is never parsed as HTML even if a future sink forgets the escape. This issue affects pgAdmin 4 from 6.6 before 9.16.
Meta Information
Published: 2026-06-19
Last Modified: 2026-06-19
Generated: 2026-06-19
AI Q&A: 2026-06-19
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs

Vendor    Product    Version / Range
pgadmin   pgadmin    from 6.6 (inclusive) to 9.16 (exclusive)
pgadmin   pgadmin    9.16
CWE
CWE ID Description
CWE-116 The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is an HTML injection issue in pgAdmin 4's cloud deployment module. Certain endpoints propagate exception messages from AWS, Azure, and Google SDKs directly into JSON response fields without HTML-encoding them. The frontend then renders these messages as HTML, allowing an attacker to embed malicious HTML or JavaScript payloads into the application's interface.

For example, an authenticated user can submit a crafted access key containing an iframe payload. When the backend rejects this key, it includes the raw exception text containing the payload in the JSON response. The frontend parses this as HTML, causing the browser to load the attacker's iframe and potentially redirect the victim's pgAdmin tab.

Because the injection occurs within pgAdmin's own interface, common protections like X-Frame-Options and Content-Security-Policy frame-ancestors do not prevent exploitation. The baseline impact is self-targeted, but with an additional cross-site request forgery (CSRF) attack, other authenticated users could be targeted.

Impact Analysis

This vulnerability can lead to cross-site scripting (XSS) attacks within the pgAdmin 4 cloud deployment interface. An attacker can inject malicious HTML or JavaScript that executes in the context of the victim's browser session.

  • Self-targeted impact: The user who submits the malicious payload sees the injection and may be redirected or have malicious scripts executed.
  • Potential escalation: If combined with a cross-site request forgery (CSRF) attack that submits the malicious payload on behalf of another authenticated user, the attacker can affect other users.

Such attacks can lead to session hijacking, unauthorized actions, or redirection to malicious sites, compromising the security and integrity of the pgAdmin environment.

Detection Guidance

This vulnerability involves HTML injection through error messages returned by specific pgAdmin 4 cloud deployment module endpoints when processing crafted credentials. Detection involves monitoring requests and responses to these endpoints for suspicious payloads or injected HTML content.

Specifically, the reported entry point is the /rds/verify_credentials/ endpoint, along with other endpoints under /rds/, /azure/, /google/, and /cloud/ blueprints that propagate SDK exception text without HTML encoding.

To detect exploitation attempts, you can inspect HTTP requests to these endpoints for unusual or crafted access_key values containing HTML or JavaScript payloads (e.g., <iframe> tags). Similarly, responses containing unescaped HTML in the JSON info or errormsg fields may indicate attempted exploitation.

Examples of checks that can surface suspicious activity, using traffic inspection tools or ordinary command-line utilities:

  • Using curl or wget to manually test endpoints with crafted payloads and observe responses, e.g.: curl -i -X POST -d '{"access_key":"<iframe/src=...>"}' https://your-pgadmin-server/rds/verify_credentials/
  • Using grep or similar tools on server logs to find requests containing suspicious HTML tags or error messages with unescaped HTML, e.g.: grep -r '<iframe' /var/log/pgadmin/
  • Using web application security scanners or proxy tools (e.g., OWASP ZAP, Burp Suite) to automate detection of reflected HTML or JavaScript in JSON responses from the affected endpoints.

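The checks above can be made repeatable with a small scanner over captured JSON response bodies. The following is an added example written for this page, not code from the pgAdmin project: it parses each body, looks only at the info and errormsg sink fields the advisory names, and flags a field whose value still contains a structural HTML tag (an escaped &lt;iframe&gt; from a patched server does not match). The sample bodies and request parameters are constructed for the demonstration; the tag regex is a heuristic and will also match text such as "a<b" that is not markup.

```python
import json
import re

# Constructed sample JSON bodies in the shape the advisory describes (the
# "info" / "errormsg" field of a cloud-module response); none is a real capture.
SAMPLE_RESPONSES = [
    # 1: vulnerable shape, SDK text reflected with a raw tag into "info"
    '{"success": 0, "info": "IncompleteSignature: received '
    '<iframe src=\\"https://placeholder.invalid/\\"> in credential"}',
    # 2: escaped shape, as a patched server returns it
    '{"success": 0, "info": "IncompleteSignature: received '
    '&lt;iframe src=&quot;https://placeholder.invalid/&quot;&gt; in credential"}',
    # 3: benign success response
    '{"success": 1, "info": "Credentials verified"}',
    # 4: a "<" used as an operator, not a tag; must not be flagged
    '{"success": 0, "errormsg": "expected value < 5"}',
]

# The two response fields the advisory identifies as the unescaped sinks.
SINK_FIELDS = ("info", "errormsg")

# '<' followed by an optional '/' and a tag-name character is structural HTML.
# Escaped output ('&lt;') never matches; "a<b" would, so treat hits as leads.
HTML_TAG_RE = re.compile(r"<\s*/?[a-zA-Z!]")


def find_unescaped_html(body):
    """Return the sink field names in one JSON body that carry raw HTML."""
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return []
    if not isinstance(data, dict):
        return []
    return [field for field in SINK_FIELDS
            if isinstance(data.get(field), str)
            and HTML_TAG_RE.search(data[field])]


def request_params_with_html(params):
    """Return request parameter names (e.g. access_key) whose value holds a tag."""
    return [name for name, value in params.items()
            if isinstance(value, str) and HTML_TAG_RE.search(value)]


def scan_response_log(lines):
    """Scan a JSON-per-line response log; return (line_number, fields) hits."""
    findings = []
    for number, line in enumerate(lines, start=1):
        fields = find_unescaped_html(line)
        if fields:
            findings.append((number, fields))
    return findings


if __name__ == "__main__":
    for number, fields in scan_response_log(SAMPLE_RESPONSES):
        print(f"line {number}: raw HTML reflected in {fields}")
```

On a live deployment the same functions can be pointed at a reverse-proxy access log that records response bodies, or at the request side to catch crafted access_key values before they reach the SDK; a hit on the response side after upgrading to 9.16 would indicate an endpoint the fix missed.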
Mitigation Strategies

The primary mitigation is to upgrade pgAdmin 4 to version 9.16 or later, where the vulnerability has been fixed by applying HTML-escaping to all external SDK exception strings before including them in JSON responses.

The fix involves sanitizing all error messages from AWS, Azure, and Google SDKs using a shared helper function that escapes HTML and strips control characters, preventing injection of malicious HTML or JavaScript.

Additionally, the frontend Cloud Wizard component was updated to render backend-derived error messages in plain-text mode, ensuring that even if escaping is missed, the messages are not parsed as HTML.
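To show what "escape at the sink" means in practice, the following is an added example, not pgAdmin's own code: an illustrative sanitize_external_text helper (HTML escape plus control-character strip, the two operations the advisory attributes to the real helper, whose exact implementation is not on the page), a constructed stand-in for an SDK error that echoes the submitted credential verbatim, and the vulnerable and fixed shapes of a verify_credentials handler side by side. The exception class, the fake STS call, and the sample key are all assumptions made for the demonstration.

```python
import html
import re

# C0 control characters plus DEL, keeping tab, LF and CR which are harmless
# in a message. Assumption: the exact set stripped by pgAdmin's helper is not
# stated on the page; this is an illustrative choice.
_CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")


def sanitize_external_text(text):
    """Make text that originated outside the application (SDK exceptions,
    driver errors) safe to place in a JSON field that a client may render:
    strip control characters, then HTML-escape <, >, &, " and '."""
    cleaned = _CONTROL_CHARS.sub("", str(text))
    return html.escape(cleaned, quote=True)


class IncompleteSignature(Exception):
    """Constructed stand-in for the SDK error whose message quotes the
    submitted access key verbatim (the behaviour the advisory describes)."""


def fake_sts_get_caller_identity(access_key):
    # Constructed stand-in for the STS call: always rejects, echoing the key.
    raise IncompleteSignature(
        f"The request signature is incomplete. Received key '{access_key}'")


def verify_credentials_vulnerable(access_key):
    """Pre-fix shape: str(e) goes straight into the 'info' field."""
    try:
        fake_sts_get_caller_identity(access_key)
    except Exception as e:
        return {"success": 0, "info": str(e)}   # raw external text: the bug
    return {"success": 1, "info": "Credentials verified"}


def verify_credentials_fixed(access_key):
    """Post-fix shape: the external text is sanitized at the endpoint sink."""
    try:
        fake_sts_get_caller_identity(access_key)
    except Exception as e:
        return {"success": 0, "info": sanitize_external_text(e)}
    return {"success": 1, "info": "Credentials verified"}


# Constructed sample key carrying a harmless tag and a BEL control character.
SAMPLE_KEY = "AKIA<b>example</b>\x07"

if __name__ == "__main__":
    print("vulnerable:", verify_credentials_vulnerable(SAMPLE_KEY)["info"])
    print("fixed:     ", verify_credentials_fixed(SAMPLE_KEY)["info"])
```

Escaping at the sink is the part the backend controls; the second layer the advisory describes, rendering FormFooterMessage as plain text on the React side, is what protects a future endpoint whose author forgets to call the helper, so both are worth keeping even though either alone would neutralise this particular report.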

Until the upgrade is applied, consider restricting access to the affected endpoints to trusted users only, monitoring for suspicious requests, and applying web application firewall (WAF) rules to block requests containing suspicious HTML payloads.
