CVE-2026-36728
Status: Deferred - Pending Action

Markdown XSS in FastapiAdmin AI Assistant Chat

Vulnerability report for CVE-2026-36728, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: MITRE

Description

A markdown-based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into a chat message.

Meta Information

Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-30
AI Q&A: 2026-06-10
EPSS Evaluated: 2026-06-28
NVD

Affected Vendors & Products

Showing 2 associated CPEs

Vendor        Product       Version / Range
fastapiadmin  fastapiadmin  2.2.0
fastapiadmin  fastapiadmin  up to 2.2.0 (excluding 2.2.0)

CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Compliance Impact

The markdown-based Cross-Site Scripting (XSS) vulnerability in FastapiAdmin's AI assistant chat function allows attackers to execute arbitrary scripts, potentially leading to session hijacking and credential theft.

Such unauthorized access and data compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information against unauthorized access and breaches.

Failure to mitigate this vulnerability could result in violations of these regulations due to exposure of user data or unauthorized actions performed on behalf of users.

Executive Summary

This vulnerability is a markdown-based Cross-Site Scripting (XSS) issue found in the AI assistant chat function of FastapiAdmin version 2.2.0 and earlier.

It occurs because user-supplied chat messages are stored without any sanitization or validation and then rendered on the frontend using the markdown-it library, which does not have built-in XSS protection.

As a result, an authenticated attacker can inject malicious JavaScript code into chat messages that will execute when other users view those messages.

Impact Analysis

This vulnerability can lead to serious security impacts including session hijacking, credential theft, and unauthorized actions performed on behalf of victims.

Because the malicious script executes in the context of the victim's browser, attackers can steal sensitive information or manipulate the application to perform harmful operations.

Detection Guidance

This vulnerability can be detected by testing the AI assistant chat functionality in FastapiAdmin for markdown-based XSS payload execution. Specifically, sending a crafted payload such as <img src=x onerror='alert(1)' /> in a chat message and observing whether the script executes when the message is rendered indicates the vulnerability.

Detection involves verifying whether user-supplied message content is stored without sanitization and rendered using the markdown-it library with v-html, which allows arbitrary JavaScript execution.

While no specific commands are provided, a practical approach is to use the web interface to send test messages containing XSS payloads and monitor for script execution alerts or unexpected behavior.

Mitigation Strategies

Immediate mitigation steps include implementing HTML sanitization on user-supplied content after rendering markdown with markdown-it. Using libraries such as DOMPurify can help sanitize the HTML output to prevent XSS.

Alternatively, switching to a markdown editor with built-in XSS protection, like mavonEditor, can reduce the risk.

Additionally, deploying Content Security Policy (CSP) headers can help mitigate the impact of any potential exploits by restricting the execution of unauthorized scripts.
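The check from the Detection Guidance section and the fix from the Mitigation Strategies section, as an added example that is neither FastapiAdmin's code nor DOMPurify's: a small allowlist sanitizer that stands in for DOMPurify and is meant to run on markdown-it's HTML output before that HTML is bound with v-html, plus an audit routine that runs the same inspection over stored message bodies. The allowed tag and attribute lists, the sample messages and the example.test URLs are all constructed for this example; only the <img ... onerror> payload is the one named in the advisory.

```javascript
'use strict';
// Added example, not FastapiAdmin code: an allowlist sanitizer standing in for DOMPurify,
// applied to markdown-it's rendered HTML *before* it reaches v-html. The tag/attribute
// regexes are deliberately simple (an attribute value containing '>' ends the tag early and
// the remainder is emitted as escaped text); use DOMPurify in production.

const ALLOWED_TAGS = new Set(['p', 'br', 'strong', 'em', 'code', 'pre', 'ul', 'ol', 'li',
  'blockquote', 'h1', 'h2', 'h3', 'a', 'img']);
const ALLOWED_ATTRS = { a: new Set(['href', 'title']), img: new Set(['src', 'alt', 'title']) };
// URL allowlist: absolute http(s)/mailto or site-relative. javascript:, data:, vbscript: and
// entity-encoded variants such as javascript&#58; all fail because they match no prefix.
const SAFE_URL = /^(?:https?:|mailto:|\/|#)/i;

const TAG_RE = /<!--[\s\S]*?-->|<\/?([a-zA-Z][\w-]*)([^>]*)>/g;
const ATTR_RE = /([a-zA-Z_:][\w:.-]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

const escapeText = (s) => s.replace(/</g, '&lt;').replace(/>/g, '&gt;');
const escapeAttr = (s) => s.replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');

function parseAttrs(raw) {
  const attrs = [];
  for (const m of raw.matchAll(ATTR_RE)) {
    attrs.push({ name: m[1].toLowerCase(), value: m[2] ?? m[3] ?? m[4] ?? '' });
  }
  return attrs;
}

// Single pass over rendered HTML. Returns the cleaned markup plus a list of what was removed,
// so one routine serves as the sanitizer (clean) and as the detector (findings).
function inspectHtml(html) {
  const findings = [];
  let out = '';
  let last = 0;
  for (const m of html.matchAll(TAG_RE)) {
    out += escapeText(html.slice(last, m.index));   // text between tags: stray < and > neutralised
    last = m.index + m[0].length;
    if (m[1] === undefined) {                        // HTML comment: never needed in chat output
      findings.push({ kind: 'comment', detail: m[0].slice(0, 40) });
      continue;
    }
    const tag = m[1].toLowerCase();
    if (!ALLOWED_TAGS.has(tag)) {                    // <script>, <iframe>, <svg>, ...: tag dropped,
      findings.push({ kind: 'tag', detail: tag });   // its inner text survives as harmless text
      continue;
    }
    if (m[0].startsWith('</')) { out += `</${tag}>`; continue; }
    const kept = [];
    for (const { name, value } of parseAttrs(m[2])) {
      if (name.startsWith('on')) {                   // onerror, onload, onclick, ...
        findings.push({ kind: 'event-handler', detail: `${tag}@${name}` });
      } else if (!ALLOWED_ATTRS[tag] || !ALLOWED_ATTRS[tag].has(name)) {
        findings.push({ kind: 'attribute', detail: `${tag}@${name}` });
      } else if ((name === 'href' || name === 'src') && !SAFE_URL.test(value)) {
        findings.push({ kind: 'url', detail: `${tag}@${name}=${value.slice(0, 40)}` });
      } else {
        kept.push(`${name}="${escapeAttr(value)}"`);
      }
    }
    out += kept.length ? `<${tag} ${kept.join(' ')}>` : `<${tag}>`;
  }
  out += escapeText(html.slice(last));
  return { clean: out, findings };
}

const sanitizeHtml = (html) => inspectHtml(html).clean;   // pass this result to v-html
const findRiskyHtml = (html) => inspectHtml(html).findings;

// Audit helper for stored messages: flags raw HTML carried in message bodies. Caveat shown by
// message 3 below: a markdown-syntax vector ([x](javascript:...)) contains no HTML and only
// becomes visible once rendered, which is why sanitizeHtml must run on the renderer's output.
function auditStoredMessages(messages) {
  return messages
    .map((msg) => ({ id: msg.id, findings: findRiskyHtml(msg.body) }))
    .filter((r) => r.findings.length > 0);
}

// Constructed sample data, not taken from any real FastapiAdmin instance.
const SAMPLE_MESSAGES = [
  { id: 1, body: 'Hello **world**' },
  { id: 2, body: "<img src=x onerror='alert(1)' />" },     // payload named in the advisory
  { id: 3, body: '[docs](javascript:alert(1))' },          // markdown link, no raw HTML
];

console.log(auditStoredMessages(SAMPLE_MESSAGES));
console.log(sanitizeHtml('<p>hi <img src="https://example.test/a.png" onerror="alert(1)"></p>'));
```

The audit flags message 2 only; message 3 is caught when its rendered form (an <a> with a javascript: href) goes through sanitizeHtml, which is the point of sanitizing after rendering rather than before storage. A CSP without 'unsafe-inline' in script-src, as the page suggests, is the second layer: an inline event handler that slips past any sanitizer is then refused by the browser.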
