Kestra Stored Cross-Site Scripting Vulnerability via Flow YAML Fields
Vulnerability
A stored cross-site scripting vulnerability has been identified in Kestra, an open-source orchestration platform, in versions through 1.3.3. The issue arises because the platform renders user-supplied flow YAML metadata fields, specifically 'description', 'inputs[].displayName', and 'inputs[].description', through a Markdown component that allows HTML injection. The unfiltered HTML is then inserted into the DOM using Vue's v-html directive, which lets a flow author embed arbitrary JavaScript that executes in the browsers of users who view or interact with the flow. Notably, exploitation requires no interaction from the victim, particularly through the 'inputs[].displayName' field.
Impact
Exploitation of this vulnerability allows injected JavaScript to execute in the context of the victim's browser session, potentially leading to session hijacking by stealing JWT tokens and CSRF headers, which could then be used for full API impersonation. The payload is persistent: it is saved within the flow YAML and remains across revisions unless manually removed.
Reproduction
To reproduce this vulnerability, create a flow in Kestra with a YAML configuration that includes malicious JavaScript embedded within the 'description', 'inputs[].displayName', and 'inputs[].description' fields. Once the flow is saved, execute it. The injected JavaScript will execute automatically when the flow is opened or when the input fields are accessed, demonstrating the cross-site scripting vulnerability.
Remediation
To address this vulnerability, Kestra should sanitize Markdown outputs by integrating DOMPurify into the Markdown component or the markdown utility before the content is rendered with v-html. Additionally, the default setting for the 'html' prop in Markdown.vue should be changed from true to false, allowing raw HTML only for trusted content. Alternatively, Kestra could implement a safe subset of Markdown that excludes raw HTML for user-generated content while preserving HTML support for curated materials.
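A hardened form of the Markdown component along the lines described above, as an added example that is not Kestra's own Markdown.vue: it assumes markdown-it as the Markdown parser and the DOMPurify package as dependencies, and the prop names `source` and `trusted` are placeholders. Raw HTML parsing is off by default and the rendered output is always sanitized before it reaches v-html.

```vue
<script setup>
// Added example, not Kestra's code. Assumes markdown-it and dompurify
// (or isomorphic-dompurify when rendering server-side) are installed.
import { computed } from "vue";
import MarkdownIt from "markdown-it";
import DOMPurify from "dompurify";

const props = defineProps({
  source: { type: String, default: "" },
  // Raw HTML is disabled by default: flow YAML fields such as description,
  // inputs[].displayName and inputs[].description are author-controlled.
  html: { type: Boolean, default: false },
  // Only curated, non-user content (for example bundled documentation)
  // should set this; it is the only way raw HTML is ever parsed.
  trusted: { type: Boolean, default: false },
});

// The parser's `html` option follows the props, so untrusted content is
// escaped by the parser and never reaches the DOM as markup.
const md = computed(
  () => new MarkdownIt({ html: props.html && props.trusted, linkify: true })
);

// Defence in depth: sanitize every rendering, trusted or not, before it is
// bound with v-html. DOMPurify removes script elements, event-handler
// attributes and dangerous URL schemes that any parser change might admit.
const rendered = computed(() =>
  DOMPurify.sanitize(md.value.render(props.source), {
    USE_PROFILES: { html: true },
  })
);
</script>

<template>
  <div class="markdown" v-html="rendered" />
</template>
```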