XSS Injection in HTML Profile Report Generation
June 4, 2024
Products Impacted
This vulnerability is present in Ydata-profiling v3.7.0 or newer.
CVSS Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE Categorization
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
Details
In src/ydata_profiling/report/presentation/flavours/html/templates.py the Jinja2 template is initialized without setting autoescape to true allowing for a maliciously crafted dataset to perform an XSS attack when an HTML report is generated.
Related SAI Security Advisory
June 12, 2026
Post-Authentication RCE via update_collection
Any authenticated user with UPDATE_COLLECTION permission can achieve remote code execution by updating a collection's embedding function to reference a malicious HuggingFace model with trust_remote_code: true. The update_collection endpoint uses the same build_from_config() code path as CVE-2026-45829. Authentication runs before model loading, so this is not a pre-authentication issue, but the model instantiation itself is unguarded.
June 12, 2026
V1 API Tenant Isolation Bypass via Null Tenant/Database Context
All V1 collection-level endpoints pass None for tenant and database to the authorization layer, making tenant-scoped access control impossible through V1, regardless of which authorization provider is configured. V1 cannot be disabled. Combined with CVE-2026-45830, any authenticated user has unrestricted read/write access to any collection by UUID through V1 endpoints.