Cross-site scripting in Ansible Automation Platform 2.5 packages

Published: 2025-03-17

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2025-26791
CWE-ID	CWE-79
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	receptor (Red Hat package) Operating systems & Components / Operating system package or component python3.11-typing-extensions (Red Hat package) Operating systems & Components / Operating system package or component python3.11-tox-ansible (Red Hat package) Operating systems & Components / Operating system package or component python3.11-referencing (Red Hat package) Operating systems & Components / Operating system package or component python3.11-pytest-ansible (Red Hat package) Operating systems & Components / Operating system package or component python3.11-podman (Red Hat package) Operating systems & Components / Operating system package or component python3.11-jsonschema-path (Red Hat package) Operating systems & Components / Operating system package or component python3.11-galaxy-ng (Red Hat package) Operating systems & Components / Operating system package or component python3.11-galaxy-importer (Red Hat package) Operating systems & Components / Operating system package or component python3.11-django-ansible-base (Red Hat package) Operating systems & Components / Operating system package or component python3.11-ansible-compat (Red Hat package) Operating systems & Components / Operating system package or component molecule (Red Hat package) Operating systems & Components / Operating system package or component automation-hub (Red Hat package) Operating systems & Components / Operating system package or component automation-gateway (Red Hat package) Operating systems & Components / Operating system package or component automation-eda-controller (Red Hat package) Operating systems & Components / Operating system package or component automation-controller (Red Hat package) Operating systems & Components / Operating system package or component ansible-rulebook (Red Hat package) Operating systems & Components / Operating system package or component ansible-navigator (Red Hat package) Operating systems & Components / Operating system package or component ansible-lint (Red Hat package) Operating systems & Components / Operating system package or component ansible-dev-tools (Red Hat package) Operating systems & Components / Operating system package or component ansible-dev-environment (Red Hat package) Operating systems & Components / Operating system package or component ansible-creator (Red Hat package) Operating systems & Components / Operating system package or component ansible-automation-platform-installer (Red Hat package) Operating systems & Components / Operating system package or component Ansible Automation Platform Server applications / Other server solutions
Vendor	Red Hat Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Cross-site scripting

EUVDB-ID: #VU105783

Risk: Low

CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:L/E:U/U:Clear]

CVE-ID: CVE-2025-26791

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform mutation cross-site scripting (XSS) attacks.

The vulnerability exists due to DOMPurify has an incorrect template literal regular expression. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

receptor (Red Hat package): before 1.5.3-2.el8ap

python3.11-typing-extensions (Red Hat package): before 4.9.0-1.el8ap

python3.11-tox-ansible (Red Hat package): before 25.1.0-1.el8ap

python3.11-referencing (Red Hat package): before 0.36.2-1.el8ap

python3.11-pytest-ansible (Red Hat package): before 25.1.0-1.el8ap

python3.11-podman (Red Hat package): before 5.2.0-1.el8ap

python3.11-jsonschema-path (Red Hat package): before 0.3.4-1.el8ap

python3.11-galaxy-ng (Red Hat package): before 4.10.2-1.el8ap

python3.11-galaxy-importer (Red Hat package): before 0.4.28-1.el8ap

python3.11-django-ansible-base (Red Hat package): before 2.5.20250312-1.el8ap

python3.11-ansible-compat (Red Hat package): before 25.1.2-1.el8ap

molecule (Red Hat package): before 25.2.0-1.el8ap

automation-hub (Red Hat package): before 4.10.2-1.el8ap

automation-gateway (Red Hat package): before 2.5.20250312-1.el8ap

automation-eda-controller (Red Hat package): before 1.1.6-1.el8ap

automation-controller (Red Hat package): before 4.6.9-1.el8ap

ansible-rulebook (Red Hat package): before 1.1.3-1.el8ap

ansible-navigator (Red Hat package): before 25.1.0-1.el8ap

ansible-lint (Red Hat package): before 25.1.2-1.el8ap

ansible-dev-tools (Red Hat package): before 25.2.0-1.el8ap

ansible-dev-environment (Red Hat package): before 25.1.0-1.el8ap

ansible-creator (Red Hat package): before 25.0.0-1.el8ap

ansible-automation-platform-installer (Red Hat package): before 2.5-9.2.el8ap

Ansible Automation Platform: before 2.5

CPE2.3

External links

https://access.redhat.com/errata/RHSA-2025:2518

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.