CVE-2026-34403— Nginx-UI vulnerable to Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints

Nginx-UI vulnerable to Cross-Site WebSocket Hijacking (CSWSH) via missing origin validation on all WebSocket endpoints

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking (CSWSH). Combined with the fact that authentication tokens are stored in browser cookies (set via JavaScript without HttpOnly or explicit SameSite attributes), a malicious webpage can establish authenticated WebSocket connections to the nginx-ui instance when a logged-in administrator visits the attacker-controlled page. Version 2.3.5 patches the issue.

N/A

CWE-1385

Nginx UI 安全漏洞

Nginx UI是Jacky个人开发者的一个 Nginx 的 WebUI。 Nginx UI 2.3.5之前版本存在安全漏洞，该漏洞源于WebSocket端点未验证来源且身份验证令牌存储不安全，可能导致跨站WebSocket劫持攻击。

N/A

N/A