CVE-2026-11436 | Mage AI up to 0.9.79 Sign-in Flow index.tsx useMutation query.redirect_url cross site scripting

A vulnerability has been found in Mage AI up to 0.9.79 and classified as problematic. This impacts the function useMutation of the file mage_ai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirect_url results in cross site scripting.

This vulnerability is known as CVE-2026-11436. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More