{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23960", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-19T14:49:06.313Z", "datePublished": "2026-01-21T22:02:50.491Z", "dateUpdated": "2026-01-22T16:49:43.075Z"}, "containers": {"cna": {"title": "Argo Workflows affected by stored XSS in the artifact directory listing", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-cv78-6m8q-ph82", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-cv78-6m8q-ph82"}, {"name": "https://github.com/argoproj/argo-workflows/commit/159a5c56285ecd4d3bb0a67aeef4507779a44e17", "tags": ["x_refsource_MISC"], "url": "https://github.com/argoproj/argo-workflows/commit/159a5c56285ecd4d3bb0a67aeef4507779a44e17"}, {"name": "https://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244", "tags": ["x_refsource_MISC"], "url": "https://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244"}, {"name": "https://github.com/argoproj/argo-workflows/releases/tag/v3.6.17", "tags": ["x_refsource_MISC"], "url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.6.17"}, {"name": "https://github.com/argoproj/argo-workflows/releases/tag/v3.7.8", "tags": ["x_refsource_MISC"], "url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.7.8"}], "affected": [{"vendor": "argoproj", "product": "argo-workflows", "versions": [{"version": "< 3.6.17", "status": "affected"}, {"version": ">= 3.7.0, < 3.7.8", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-21T22:02:50.491Z"}, "descriptions": [{"lang": "en", "value": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user\u2019s browser under the Argo Server origin, enabling API actions with the victim\u2019s privileges. Versions 3.6.17 and 3.7.8 fix the issue."}], "source": {"advisory": "GHSA-cv78-6m8q-ph82", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T15:10:53.206772Z", "id": "CVE-2026-23960", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T16:49:43.075Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23960", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-22T15:10:53.206772Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T15:10:54.480Z"}}], "cna": {"title": "Argo Workflows affected by stored XSS in the artifact directory listing", "source": {"advisory": "GHSA-cv78-6m8q-ph82", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "argoproj", "product": "argo-workflows", "versions": [{"status": "affected", "version": "< 3.6.17"}, {"status": "affected", "version": ">= 3.7.0, < 3.7.8"}]}], "references": [{"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-cv78-6m8q-ph82", "name": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-cv78-6m8q-ph82", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/argoproj/argo-workflows/commit/159a5c56285ecd4d3bb0a67aeef4507779a44e17", "name": "https://github.com/argoproj/argo-workflows/commit/159a5c56285ecd4d3bb0a67aeef4507779a44e17", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244", "name": "https://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.6.17", "name": "https://github.com/argoproj/argo-workflows/releases/tag/v3.6.17", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.7.8", "name": "https://github.com/argoproj/argo-workflows/releases/tag/v3.7.8", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user\u2019s browser under the Argo Server origin, enabling API actions with the victim\u2019s privileges. Versions 3.6.17 and 3.7.8 fix the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-21T22:02:50.491Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23960", "state": "PUBLISHED", "dateUpdated": "2026-01-22T16:49:43.075Z", "dateReserved": "2026-01-19T14:49:06.313Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-21T22:02:50.491Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:argoproj:argo_workflows:*:*:*:*:*:go:*:*", "matchCriteriaId": "FBACAF34-13D0-430F-8730-7613ADFE12D4", "versionEndExcluding": "3.6.17", "vulnerable": true}, {"criteria": "cpe:2.3:a:argoproj:argo_workflows:*:*:*:*:*:go:*:*", "matchCriteriaId": "FBAC2E34-63C4-4F95-821A-4159E1B8300E", "versionEndExcluding": "3.7.8", "versionStartIncluding": "3.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user\u2019s browser under the Argo Server origin, enabling API actions with the victim\u2019s privileges. Versions 3.6.17 and 3.7.8 fix the issue."}], "id": "CVE-2026-23960", "lastModified": "2026-02-17T16:56:21.320", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-21T22:15:50.627", "references": [{"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/argoproj/argo-workflows/commit/159a5c56285ecd4d3bb0a67aeef4507779a44e17"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.6.17"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/argoproj/argo-workflows/releases/tag/v3.7.8"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-cv78-6m8q-ph82"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "argo-workflows: Argo Workflows: Privilege escalation and information disclosure via stored Cross-Site Scripting (XSS)", "id": "2431881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431881"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-79", "details": ["Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.6.17 and 3.7.8, stored XSS in the artifact directory listing allows any workflow author to execute arbitrary JavaScript in another user\u2019s browser under the Argo Server origin, enabling API actions with the victim\u2019s privileges. Versions 3.6.17 and 3.7.8 fix the issue.", "A flaw was found in Argo Workflows, an open-source container-native workflow engine for orchestrating parallel jobs on Kubernetes. This stored Cross-Site Scripting (XSS) vulnerability in the artifact directory listing allows any workflow author to execute unauthorized JavaScript code in another user's web browser. This can lead to the compromise of the victim's session and enable an attacker to perform actions with the victim's privileges, potentially resulting in information disclosure or privilege escalation within the Argo Server environment."], "name": "CVE-2026-23960", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-api-server-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-api-server-v2-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-driver-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-driver-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-launcher-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-launcher-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2026-01-21T22:02:50Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23960\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23960\nhttps://github.com/argoproj/argo-workflows/blob/9872c296d29dcc5e9c78493054961ede9fc30797/server/artifacts/artifact_server.go#L194-L244\nhttps://github.com/argoproj/argo-workflows/commit/159a5c56285ecd4d3bb0a67aeef4507779a44e17\nhttps://github.com/argoproj/argo-workflows/releases/tag/v3.6.17\nhttps://github.com/argoproj/argo-workflows/releases/tag/v3.7.8\nhttps://github.com/argoproj/argo-workflows/security/advisories/GHSA-cv78-6m8q-ph82"], "threat_severity": "Important"}

{"analysis": {"en": {"generated_at": "2026-04-18T15:31:33.984076+00:00", "value": {"mitigation_remediation": ["Upgrade Argo Workflows to version\u202f3.6.17 or\u202f3.7.8, which contain the patch for the stored XSS flaw.", "If an upgrade is not immediately possible, restrict the ability to create or modify workflows to trusted users and monitor artifact listings for unexpected filenames or content.", "Apply general input validation and output encoding practices for artifact directory listings to mitigate potential cross\u2011site scripting, consistent with CWE\u201179 remediation guidelines."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation via Stored XSS"}, "threat_synthesis": {"affected_systems": "The flaw exists in all releases of Argo Workflows before v3.6.17 and v3.7.8. Any installation of these affected versions that exposes artifact listings is at risk.", "description_and_impact": "Argo Workflows suffers a stored cross\u2011site scripting flaw that appears in the artifact directory listing. The vulnerability, classified as CWE\u201179, allows a workflow author to embed malicious JavaScript that is executed in the victim\u2019s browser under the Argo Server origin. The injected script can then perform API calls using the victim\u2019s privileges, effectively giving the attacker the ability to act on behalf of the user and potentially compromise workflow or cluster resources.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 7.3 and an EPSS score of less than 1\u202f%, indicating a moderate severity but low current exploitation probability, and it is not listed in the CISA Known Exploited Vulnerabilities catalog. Exploitation requires an authorized workflow author who can create or modify a workflow that presents a malicious artifact; once a victim views the listing, the stored XSS payload runs in the victim\u2019s browser and enables the attacker to perform privileged API actions."}}}}, "created": "2026-01-22T10:08:39.572236+00:00", "updated": "2026-04-18T15:45:04.263808+00:00", "vendors": ["argoproj", "argoproj$PRODUCT$argo-workflows"]}