MaxKB Broken Access Control Vulnerability in OSS URL Fetch API

Vulnerability

A broken access control vulnerability has been identified in MaxKB versions through 2.8.0, specifically within the OSS file service URL fetch API endpoint (chat/api/oss/get_url). The vulnerability arises because the endpoint uses the application_id from the URL path without validating ownership. This flaw allows authenticated attackers to manipulate application IDs and perform actions under the policies of other applications, thereby bypassing intended access controls and disrupting tenant isolation.

Impact

Exploitation of this vulnerability allows for cross-application privilege escalation, enabling an authenticated user to access and manipulate features and policies of other applications without authorization.

Remediation

Users can update MaxKB to version 2.8.1, which addresses the vulnerability by implementing application ownership validation and adding authorization checks to ensure the token corresponds with the application ID.
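The two paragraphs above describe the defect (the handler trusts the application_id in the URL path) and the fix (the token must correspond to that application). The following added example, which is hypothetical illustration and not MaxKB's own code, shows that pattern side by side: a handler that applies another application's policy whenever the path says so, and the corrected handler that refuses unless the caller's token was issued for that same application. The ChatToken shape, the APP_POLICIES store and the oss.example.invalid host are all constructed for the example; the real token format, policy model and OSS URL layout are not stated on the advisory page.

```python
"""Ownership check for a per-application URL fetch endpoint (illustrative).

Hypothetical code written for this advisory; it is not MaxKB's implementation.
"""
from dataclasses import dataclass


class Forbidden(Exception):
    """Raised when the caller may not act on the requested application."""


@dataclass(frozen=True)
class ChatToken:
    # Constructed stand-in for a decoded chat token. The only field that matters
    # here is the application the token was issued for.
    user_id: str
    application_id: str


# Constructed per-application policy store; these are the "policies of other
# applications" the advisory refers to.
APP_POLICIES = {
    "app-A": {"owner": "user-1", "max_file_mb": 10},
    "app-B": {"owner": "user-2", "max_file_mb": 100},
}

OSS_BASE = "https://oss.example.invalid"  # constructed host, not a real service


def _build_url(application_id: str, object_key: str) -> str:
    """Build the download URL under the named application's policy."""
    policy = APP_POLICIES[application_id]
    return f"{OSS_BASE}/{application_id}/{object_key}?limit_mb={policy['max_file_mb']}"


def get_url_vulnerable(token: ChatToken, path_application_id: str, object_key: str) -> str:
    """Before the fix: the application id is taken from the URL path and is
    never compared with the application the token belongs to, so any
    authenticated caller can have a URL issued under another app's policy."""
    return _build_url(path_application_id, object_key)


def token_owns_application(token: ChatToken, path_application_id: str) -> bool:
    """True only when the application exists and the token was issued for it.

    Unknown and foreign applications are treated the same so the response
    does not reveal which application ids exist.
    """
    if path_application_id not in APP_POLICIES:
        return False
    return token.application_id == path_application_id


def get_url_fixed(token: ChatToken, path_application_id: str, object_key: str) -> str:
    """After the fix: refuse before any policy is consulted unless the path
    parameter matches the application the token was issued for."""
    if not token_owns_application(token, path_application_id):
        raise Forbidden("token does not belong to the requested application")
    return _build_url(path_application_id, object_key)


if __name__ == "__main__":
    t = ChatToken(user_id="user-1", application_id="app-A")
    print("vulnerable, foreign app:", get_url_vulnerable(t, "app-B", "report.pdf"))
    print("fixed, own app:        ", get_url_fixed(t, "app-A", "report.pdf"))
    try:
        get_url_fixed(t, "app-B", "report.pdf")
    except Forbidden as exc:
        print("fixed, foreign app:     refused:", exc)
```

The important design point is that the authorization decision is made from the token, a value the server issued, rather than from the path, a value the client chose; the path parameter is only accepted once it agrees with the token. A log line emitted whenever `token_owns_application` returns False is also a cheap detection signal for repeated cross-application probing.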

Added: May 26, 2026, 9:58 PM
Updated: May 26, 2026, 9:58 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 4.8
remediation: 0.0
relevance: 9.6
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.