CVE-2026-27963— Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-27963
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata
Source: NVD (National Vulnerability Database)
Vulnerability Description
Audiobookshelf is a self-hosted audiobook and podcast server. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 2.32.0 of the Audiobookshelf web application that allows arbitrary JavaScript execution through malicious library metadata. Attackers with library modification privileges can execute code in victim users' browsers, potentially leading to session hijacking and data exfiltration. Version 2.32.0 contains a patch for the issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Audiobookshelf 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Audiobookshelf是Audiobookshelf开源的一个自托管的有声读物和播客服务器。 Audiobookshelf 2.32.0之前版本存在跨站脚本漏洞,该漏洞源于恶意库元数据导致存储型跨站脚本,可能导致会话劫持和数据渗漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| advplyr | audiobookshelf | < 2.32.0 | - |
II. Public POCs for CVE-2026-27963
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-27963
请登录查看更多情报信息。
Same Patch Batch · advplyr · 2026-02-26 · 3 CVEs total
| CVE-2026-27974 | 4.8 MEDIUM | Audiobooksheld VUlnerable to Stored XSS in WrappingMarquee.js via Audiobook Metadata (Mobi |
| CVE-2026-27973 | 4.0 MEDIUM | Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results |
IV. Related Vulnerabilities
Same product: audiobookshelf
- CVE-2026-27973
Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audi - CVE-2025-57800
Audiobookshelf vulnerable to OIDC token exfiltration and acc - CVE-2025-46338
Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected - CVE-2025-25205
Remote Authentication-Bypass can lead to server crash or lim - CVE-2024-43797
Path Traversal in audiobookshelf
Same vendor: advplyr
- CVE-2026-27974
Audiobooksheld VUlnerable to Stored XSS in WrappingMarquee.j - CVE-2026-27973
Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audi - CVE-2025-57800
Audiobookshelf vulnerable to OIDC token exfiltration and acc - CVE-2025-46338
Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected - CVE-2025-25205
Remote Authentication-Bypass can lead to server crash or lim
Same weakness: CWE-79
- CVE-2026-8262
Devs Palace ERP Online chart-save cross site scripting - CVE-2026-8256
Devs Palace ERP Online mr-save cross site scripting - CVE-2026-8255
Devs Palace ERP Online add_new_customer cross site scripting - CVE-2026-8254
Devs Palace ERP Online sales_save cross site scripting - CVE-2026-8253
Devs Palace ERP Online purchase_save cross site scripting
V. Comments for CVE-2026-27963
No comments yet