Vulnerability-Lookup

CVE-2026-25802 (GCVE-0-2026-25802)

Vulnerability from cvelistv5 – Published: 2026-02-24 00:42 – Updated: 2026-02-24 00:42

Title

New API has Potential XSS in its MarkdownRenderer component

Summary

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `<script>` tag. Version 0.10.8-alpha.9 fixes the issue.

Severity ?

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/QuantumNous/new-api/security/a…	x_refsource_CONFIRM
	https://github.com/QuantumNous/new-api/commit/ab5…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	QuantumNous	new-api	Affected: < 0.10.8-alpha.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "product": "new-api",
          "vendor": "QuantumNous",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.10.8-alpha.9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `\u003cscript\u003e` tag. Version 0.10.8-alpha.9 fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-24T00:42:45.515Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq"
        },
        {
          "name": "https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b"
        }
      ],
      "source": {
        "advisory": "GHSA-299v-8pq9-5gjq",
        "discovery": "UNKNOWN"
      },
      "title": "New API has Potential XSS in its MarkdownRenderer component"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-25802",
    "datePublished": "2026-02-24T00:42:45.515Z",
    "dateReserved": "2026-02-05T19:58:01.641Z",
    "dateUpdated": "2026-02-24T00:42:45.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-25802\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-02-24T01:16:14.927\",\"lastModified\":\"2026-02-25T20:17:51.200\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `\u003cscript\u003e` tag. Version 0.10.8-alpha.9 fixes the issue.\"},{\"lang\":\"es\",\"value\":\"Nueva API es una pasarela de modelo de lenguaje grande (LLM) y un sistema de gesti\u00f3n de activos de inteligencia artificial (IA). Antes de la versi\u00f3n 0.10.8-alpha.9, ocurre una operaci\u00f3n potencialmente insegura en el componente `MarkdownRenderer.jsx`, permitiendo cross-site scripting (XSS) cuando el modelo genera elementos que contienen la etiqueta `\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L\",\"baseScore\":7.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.3,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.10.8\",\"matchCriteriaId\":\"1527E2D6-778C-4D31-99A9-A21DE4621B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E4407B-5336-4C05-832E-AB226CB00D2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A0A79DD-86C8-464A-9CB8-85C1D3DF57EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F1C0B3-9CD8-4923-979D-A4BA24206E74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha4:*:*:*:*:*:*\",\"matchCriteriaId\":\"108FA4C3-126D-4441-AA01-759D5ECF8F96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E268A4B-1BD9-46DF-8FA9-C69E7C886C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha6:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE947FCB-2C34-4E90-9ACB-BE488E8DF6AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha7:*:*:*:*:*:*\",\"matchCriteriaId\":\"3631CF4F-5C43-4213-9E37-5E8A7E7C4423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:newapi:new_api:0.10.8:alpha8:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8F77CC8-1191-4EE7-9D70-1867B832441A\"}]}]}],\"references\":[{\"url\":\"https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}"
  }
}

GHSA-299V-8PQ9-5GJQ

Vulnerability from github – Published: 2026-02-23 22:10 – Updated: 2026-02-24 16:08

Summary

New API has Potential XSS in its MarkdownRenderer component

Details

Summary

A potential unsafe operation occurs in component MarkdownRenderer.jsx, allowing for Cross-Site Scripting(XSS) when the model outputs items containing <script> tag.

Details

Line 212-231 of MarkdownRenderer.jsx is unsafe, it use dangerouslySetInnerHTML to preview html the model generates. This can trigger malcious scripts.

PoC

A simple way to exploit that is to ask the model in the playground, with prompt: "请帮我写个脚本，跳转到google", and then the browser will navigate to the google.com without user interference.

Impact

Potential malcious activity to the user using playground, if the model api is altered to output unintended codes.

Also, users may not be easily rid the exploit, since the record of the chat containing XSS script is stored, once opening the page later, the script will be re-triggered.

Potential Workaround

The preview may be placed in an iframe sandbox, dangerous html strings should be purified before rendering.

The reply generated for test is as below:

这是一个为您编写的单页 HTML 文件。它使用了两种方式来实现跳转，以确保在任何情况下都能工作：

JavaScript (window.location.replace)：这是最常用且高效的方法，它会立即跳转，并且不会保留当前页面在浏览器历史记录中（这样用户按“后退”键不会回到这个跳转页）。
HTML Meta Refresh：作为后备方案。如果用户的浏览器禁用了 JavaScript，这个标签会在 1 秒后将用户带往 Google。
手动链接：页面中显示了一个备用链接，以防自动跳转被拦截或失效。

您可以直接保存以下代码为 .html 文件并在浏览器中打开。

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>正在跳转至 Google...</title>

    <!-- 方法1：HTML Meta Refresh (如果JS被禁用，1秒后自动跳转) -->
    <meta http-equiv="refresh" content="1;url=https://www.google.com">

    <style>
        /* 基础重置与布局 */
        body, html {
            height: 100%;
            margin: 0;
            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
            background-color: #f8f9fa;
            color: #202124;
            display: flex;
            justify-content: center;
            align-items: center;
        }

        /* 卡片容器样式 */
        .redirect-card {
            background: white;
            padding: 2rem 3rem;
            border-radius: 12px;
            box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
            text-align: center;
            max-width: 400px;
            width: 90%;
        }

        /* 加载动画圆圈 */
        .spinner {
            border: 4px solid #f3f3f3;
            border-top: 4px solid #4285f4; /* Google Blue */
            border-radius: 50%;
            width: 40px;
            height: 40px;
            animation: spin 1s linear infinite;
            margin: 0 auto 1.5rem auto;
        }

        /* 文本排版 */
        h1 {
            font-size: 1.25rem;
            margin-bottom: 0.5rem;
            font-weight: 500;
        }

        p {
            font-size: 0.95rem;
            color: #5f6368;
            margin-bottom: 1.5rem;
            line-height: 1.5;
        }

        /* 手动链接样式 */
        .manual-link {
            display: inline-block;
            color: #1a73e8; /* Google Link Blue */
            text-decoration: none;
            font-weight: 500;
            padding: 0.5rem 1rem;
            border: 1px solid #dadce0;
            border-radius: 4px;
            transition: background-color 0.2s;
        }

        .manual-link:hover {
            background-color: #f1f3f4;
            text-decoration: underline;
        }

        /* 动画定义 */
        @keyframes spin {
            0% { transform: rotate(0deg); }
            100% { transform: rotate(360deg); }
        }
    </style>
</head>
<body>

    <main class="redirect-card">
        <!-- 视觉反馈：加载动画 -->
        <div class="spinner"></div>

        <!-- 提示信息 -->
        <h1>正在为您跳转</h1>
        <p>我们正在将您引导至 Google。<br>如果页面没有自动刷新，请点击下方的按钮。</p>

        <!-- 手动跳转链接 -->
        <a href="https://www.google.com" class="manual-link">立即前往 Google</a>
    </main>

    <script>
        // 方法2：JavaScript 跳转 (推荐)
        // 使用 replace() 而不是 href，这样用户点击“后退”时不会死循环回到这个跳转页
        (function() {
            // 目标地址
            var targetUrl = "https://www.google.com";

            // 执行跳转
            window.location.replace(targetUrl);

            // 控制台日志（用于调试）
            console.log("Redirecting to: " + targetUrl);
        })();
    </script>

</body>
</html>

Acknowledgments

QuantumNous would like to thank TechnologyStar for the early notification of this potential vulnerability via AI-assisted tools, and small-lovely-cat for providing additional context and an initial patch. The final fix was developed and verified by the maintainers to ensure full compatibility with the project's architecture.

Severity ?

7.6 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/QuantumNous/new-api"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.10.8-alpha.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25802"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-23T22:10:25Z",
    "nvd_published_at": "2026-02-24T01:16:14Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nA potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `\u003cscript\u003e` tag.\n\n### Details\n\nLine 212-231 of `MarkdownRenderer.jsx` is unsafe, it use dangerouslySetInnerHTML to preview html the model generates. This can trigger malcious scripts.\n\n### PoC\n\nA simple way to exploit that is to ask the model in the playground, with prompt: \"\u8bf7\u5e2e\u6211\u5199\u4e2a\u811a\u672c\uff0c\u8df3\u8f6c\u5230google\", and then the browser will navigate to the google.com without user interference.\n\n### Impact\n\nPotential malcious activity to the user using playground, if the model api is altered to output unintended codes.\n\nAlso, users may not be easily rid the exploit, since the record of the chat containing XSS script is stored, once opening the page later, the script will be re-triggered.\n\n### Potential Workaround\n\nThe preview may be placed in an iframe sandbox, dangerous html strings should be purified before rendering.\n\n---\n\nThe reply generated for test is as below:\n\n\u8fd9\u662f\u4e00\u4e2a\u4e3a\u60a8\u7f16\u5199\u7684\u5355\u9875 HTML \u6587\u4ef6\u3002\u5b83\u4f7f\u7528\u4e86\u4e24\u79cd\u65b9\u5f0f\u6765\u5b9e\u73b0\u8df3\u8f6c\uff0c\u4ee5\u786e\u4fdd\u5728\u4efb\u4f55\u60c5\u51b5\u4e0b\u90fd\u80fd\u5de5\u4f5c\uff1a\n\n1.  **JavaScript (`window.location.replace`)**\uff1a\u8fd9\u662f\u6700\u5e38\u7528\u4e14\u9ad8\u6548\u7684\u65b9\u6cd5\uff0c\u5b83\u4f1a\u7acb\u5373\u8df3\u8f6c\uff0c\u5e76\u4e14\u4e0d\u4f1a\u4fdd\u7559\u5f53\u524d\u9875\u9762\u5728\u6d4f\u89c8\u5668\u5386\u53f2\u8bb0\u5f55\u4e2d\uff08\u8fd9\u6837\u7528\u6237\u6309\u201c\u540e\u9000\u201d\u952e\u4e0d\u4f1a\u56de\u5230\u8fd9\u4e2a\u8df3\u8f6c\u9875\uff09\u3002\n2.  **HTML Meta Refresh**\uff1a\u4f5c\u4e3a\u540e\u5907\u65b9\u6848\u3002\u5982\u679c\u7528\u6237\u7684\u6d4f\u89c8\u5668\u7981\u7528\u4e86 JavaScript\uff0c\u8fd9\u4e2a\u6807\u7b7e\u4f1a\u5728 1 \u79d2\u540e\u5c06\u7528\u6237\u5e26\u5f80 Google\u3002\n3.  **\u624b\u52a8\u94fe\u63a5**\uff1a\u9875\u9762\u4e2d\u663e\u793a\u4e86\u4e00\u4e2a\u5907\u7528\u94fe\u63a5\uff0c\u4ee5\u9632\u81ea\u52a8\u8df3\u8f6c\u88ab\u62e6\u622a\u6216\u5931\u6548\u3002\n\n\u60a8\u53ef\u4ee5\u76f4\u63a5\u4fdd\u5b58\u4ee5\u4e0b\u4ee3\u7801\u4e3a `.html` \u6587\u4ef6\u5e76\u5728\u6d4f\u89c8\u5668\u4e2d\u6253\u5f00\u3002\n\n```html\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"zh-CN\"\u003e\n\u003chead\u003e\n    \u003cmeta charset=\"UTF-8\"\u003e\n    \u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"\u003e\n    \u003ctitle\u003e\u6b63\u5728\u8df3\u8f6c\u81f3 Google...\u003c/title\u003e\n    \n    \u003c!-- \u65b9\u6cd51\uff1aHTML Meta Refresh (\u5982\u679cJS\u88ab\u7981\u7528\uff0c1\u79d2\u540e\u81ea\u52a8\u8df3\u8f6c) --\u003e\n    \u003cmeta http-equiv=\"refresh\" content=\"1;url=https://www.google.com\"\u003e\n\n    \u003cstyle\u003e\n        /* \u57fa\u7840\u91cd\u7f6e\u4e0e\u5e03\u5c40 */\n        body, html {\n            height: 100%;\n            margin: 0;\n            font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Helvetica Neue\", Arial, sans-serif;\n            background-color: #f8f9fa;\n            color: #202124;\n            display: flex;\n            justify-content: center;\n            align-items: center;\n        }\n\n        /* \u5361\u7247\u5bb9\u5668\u6837\u5f0f */\n        .redirect-card {\n            background: white;\n            padding: 2rem 3rem;\n            border-radius: 12px;\n            box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);\n            text-align: center;\n            max-width: 400px;\n            width: 90%;\n        }\n\n        /* \u52a0\u8f7d\u52a8\u753b\u5706\u5708 */\n        .spinner {\n            border: 4px solid #f3f3f3;\n            border-top: 4px solid #4285f4; /* Google Blue */\n            border-radius: 50%;\n            width: 40px;\n            height: 40px;\n            animation: spin 1s linear infinite;\n            margin: 0 auto 1.5rem auto;\n        }\n\n        /* \u6587\u672c\u6392\u7248 */\n        h1 {\n            font-size: 1.25rem;\n            margin-bottom: 0.5rem;\n            font-weight: 500;\n        }\n\n        p {\n            font-size: 0.95rem;\n            color: #5f6368;\n            margin-bottom: 1.5rem;\n            line-height: 1.5;\n        }\n\n        /* \u624b\u52a8\u94fe\u63a5\u6837\u5f0f */\n        .manual-link {\n            display: inline-block;\n            color: #1a73e8; /* Google Link Blue */\n            text-decoration: none;\n            font-weight: 500;\n            padding: 0.5rem 1rem;\n            border: 1px solid #dadce0;\n            border-radius: 4px;\n            transition: background-color 0.2s;\n        }\n\n        .manual-link:hover {\n            background-color: #f1f3f4;\n            text-decoration: underline;\n        }\n\n        /* \u52a8\u753b\u5b9a\u4e49 */\n        @keyframes spin {\n            0% { transform: rotate(0deg); }\n            100% { transform: rotate(360deg); }\n        }\n    \u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\n    \u003cmain class=\"redirect-card\"\u003e\n        \u003c!-- \u89c6\u89c9\u53cd\u9988\uff1a\u52a0\u8f7d\u52a8\u753b --\u003e\n        \u003cdiv class=\"spinner\"\u003e\u003c/div\u003e\n        \n        \u003c!-- \u63d0\u793a\u4fe1\u606f --\u003e\n        \u003ch1\u003e\u6b63\u5728\u4e3a\u60a8\u8df3\u8f6c\u003c/h1\u003e\n        \u003cp\u003e\u6211\u4eec\u6b63\u5728\u5c06\u60a8\u5f15\u5bfc\u81f3 Google\u3002\u003cbr\u003e\u5982\u679c\u9875\u9762\u6ca1\u6709\u81ea\u52a8\u5237\u65b0\uff0c\u8bf7\u70b9\u51fb\u4e0b\u65b9\u7684\u6309\u94ae\u3002\u003c/p\u003e\n        \n        \u003c!-- \u624b\u52a8\u8df3\u8f6c\u94fe\u63a5 --\u003e\n        \u003ca href=\"https://www.google.com\" class=\"manual-link\"\u003e\u7acb\u5373\u524d\u5f80 Google\u003c/a\u003e\n    \u003c/main\u003e\n\n    \u003cscript\u003e\n        // \u65b9\u6cd52\uff1aJavaScript \u8df3\u8f6c (\u63a8\u8350)\n        // \u4f7f\u7528 replace() \u800c\u4e0d\u662f href\uff0c\u8fd9\u6837\u7528\u6237\u70b9\u51fb\u201c\u540e\u9000\u201d\u65f6\u4e0d\u4f1a\u6b7b\u5faa\u73af\u56de\u5230\u8fd9\u4e2a\u8df3\u8f6c\u9875\n        (function() {\n            // \u76ee\u6807\u5730\u5740\n            var targetUrl = \"https://www.google.com\";\n\n            // \u6267\u884c\u8df3\u8f6c\n            window.location.replace(targetUrl);\n            \n            // \u63a7\u5236\u53f0\u65e5\u5fd7\uff08\u7528\u4e8e\u8c03\u8bd5\uff09\n            console.log(\"Redirecting to: \" + targetUrl);\n        })();\n    \u003c/script\u003e\n\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\n### Acknowledgments\n\nQuantumNous would like to thank **TechnologyStar** for the early notification of this potential vulnerability via AI-assisted tools, and **small-lovely-cat** for providing additional context and an initial patch. The final fix was developed and verified by the maintainers to ensure full compatibility with the project\u0027s architecture.",
  "id": "GHSA-299v-8pq9-5gjq",
  "modified": "2026-02-24T16:08:19Z",
  "published": "2026-02-23T22:10:25Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25802"
    },
    {
      "type": "WEB",
      "url": "https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/QuantumNous/new-api"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "New API has Potential XSS in its MarkdownRenderer component"
}

FKIE_CVE-2026-25802

Vulnerability from fkie_nvd - Published: 2026-02-24 01:16 - Updated: 2026-02-25 20:17

Severity ?

7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b	Patch
	security-advisories@github.com	https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq	Exploit, Vendor Advisory

Impacted products

Vendor	Product	Version
newapi	new_api	*
newapi	new_api	0.10.8
newapi	new_api	0.10.8
newapi	new_api	0.10.8
newapi	new_api	0.10.8
newapi	new_api	0.10.8
newapi	new_api	0.10.8
newapi	new_api	0.10.8
newapi	new_api	0.10.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:newapi:new_api:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1527E2D6-778C-4D31-99A9-A21DE4621B69",
              "versionEndExcluding": "0.10.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "92E4407B-5336-4C05-832E-AB226CB00D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "0A0A79DD-86C8-464A-9CB8-85C1D3DF57EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "35F1C0B3-9CD8-4923-979D-A4BA24206E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha4:*:*:*:*:*:*",
              "matchCriteriaId": "108FA4C3-126D-4441-AA01-759D5ECF8F96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha5:*:*:*:*:*:*",
              "matchCriteriaId": "4E268A4B-1BD9-46DF-8FA9-C69E7C886C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha6:*:*:*:*:*:*",
              "matchCriteriaId": "BE947FCB-2C34-4E90-9ACB-BE488E8DF6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha7:*:*:*:*:*:*",
              "matchCriteriaId": "3631CF4F-5C43-4213-9E37-5E8A7E7C4423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:newapi:new_api:0.10.8:alpha8:*:*:*:*:*:*",
              "matchCriteriaId": "F8F77CC8-1191-4EE7-9D70-1867B832441A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `\u003cscript\u003e` tag. Version 0.10.8-alpha.9 fixes the issue."
    },
    {
      "lang": "es",
      "value": "Nueva API es una pasarela de modelo de lenguaje grande (LLM) y un sistema de gesti\u00f3n de activos de inteligencia artificial (IA). Antes de la versi\u00f3n 0.10.8-alpha.9, ocurre una operaci\u00f3n potencialmente insegura en el componente `MarkdownRenderer.jsx`, permitiendo cross-site scripting (XSS) cuando el modelo genera elementos que contienen la etiqueta `"
    }
  ],
  "id": "CVE-2026-25802",
  "lastModified": "2026-02-25T20:17:51.200",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-02-24T01:16:14.927",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/QuantumNous/new-api/commit/ab5456eb1049aa8a0f3e51f359907ec7fff38b4b"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-25802 (GCVE-0-2026-25802)

GHSA-299V-8PQ9-5GJQ

Summary

Details

PoC

Impact

Potential Workaround

Acknowledgments

FKIE_CVE-2026-25802

Tags

Sightings

Nomenclature