CVE-2026-8661
Status: Awaiting Analysis - Queue
Server-Side XSS and SSRF in Rapid7 InsightConnect Markdown Plugin

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: Rapid7, Inc.

Description
Server-Side Cross-Site Scripting and Server-Side Request Forgery vulnerability in the markdown_to_pdf action of Rapid7 InsightConnect Markdown Plugin version 3.1.4 and earlier on Linux allows remote attackers to execute JavaScript server-side and make arbitrary outbound HTTP requests via crafted content embedded in Markdown input. The PDF rendering engine does not restrict script execution or outbound network access.
Meta Information
Generated: 2026-06-27
AI Q&A: 2026-06-26
EPSS Evaluated: 2026-06-26
Affected Vendors & Products (2 associated CPEs)

Vendor   Product                          Version / Range
rapid7   insightconnect_markdown_plugin   up to 4.0.0 (excluding)
rapid7   insightconnect_markdown_plugin   4.0.0
CWE
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Executive Summary

CVE-2026-8661 is a vulnerability in the Rapid7 InsightConnect Markdown plugin, specifically in the markdown_to_pdf action of versions 3.1.4 and earlier on Linux.

This vulnerability allows remote attackers to execute JavaScript code on the server side and perform arbitrary outbound HTTP requests by embedding crafted content within Markdown input.

The root cause is that the PDF rendering engine used by the plugin does not restrict script execution or outbound network access during the conversion process.

Impact Analysis

This vulnerability allows attackers to execute malicious JavaScript code on the server hosting the plugin.

Attackers can also make unauthorized outbound HTTP requests from the server, potentially accessing internal resources or exfiltrating data.

Such actions can lead to information disclosure, unauthorized network activity, and compromise of the server environment.

Mitigation Strategies

To mitigate CVE-2026-8661, you should upgrade the Rapid7 InsightConnect Markdown plugin to version 4.0.0 or later.

This update includes an SDK bump to version 6.4.3 and disables JavaScript execution within the PDF rendering process, preventing server-side script execution and outbound HTTP requests from crafted Markdown input.

Compliance Impact

The vulnerability in the Rapid7 InsightConnect Markdown plugin allows remote attackers to execute JavaScript server-side and make arbitrary outbound HTTP requests via crafted Markdown input. This could lead to unauthorized data access or data exfiltration from the server hosting the plugin.

Such unauthorized access or data leakage could potentially impact compliance with data protection regulations like GDPR or HIPAA, which require strict controls over personal and sensitive data to prevent unauthorized disclosure.

However, the provided information does not explicitly state the direct impact on compliance frameworks or specific regulatory requirements.
