Volerion logoVolerion
Volerion logoVolerion

OpenCTI Reflected Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting vulnerability has been identified in OpenCTI version 3.3.1. This issue resides within the GraphQL endpoint, where an attacker can inject arbitrary JavaScript by sending a crafted GET request with a malicious payload in the query string. The injected script is then executed in the context of the victim's browser. This vulnerability was discovered by Raif Berkay Dincel and has been confirmed on both Linux Mint and Windows 10.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where injected scripts are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, send a GET request to the /graphql endpoint with a payload that includes a script injection, such as an alert script. The injected script will be executed in the browser of the user accessing the application.

Added: Jan 30, 2026, 11:24 PM
Updated: Jan 30, 2026, 11:24 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
1.7
exploitability
7.5
remediation
0.0
relevance
2.5
threat
6.4
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.