CWE-79

GHSA-c8hm-hr8h-5xjw: XSS

First published: Mon Apr 28 2025

### Impact

n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there was no restriction on the MIME type of uploaded files, and the MIME type could be controlled via a GET parameter. This allowed the server to respond with any MIME type, potentially enabling malicious content to be interpreted and executed by the browser.

An authenticated attacker with member-level permissions could exploit this by uploading a crafted HTML file containing malicious JavaScript. When another user visits the binary data endpoint with the MIME type set to text/html, the script executes in the context of the user’s session. This script could, for example, send a request to change the user’s email address in their account settings, effectively enabling account takeover.

### Patches

- [n8n@1.90.0](https://github.com/n8n-io/n8n/releases/tag/n8n%401.90.0)

### Credit

We would like to thank @Mahmoud0x00 for reporting this issue.
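As an added example (not n8n's code and not the 1.90.0 patch), the TypeScript below contrasts the pre-fix behaviour the Impact section describes, a response Content-Type taken from the request, with a hardened handler that ignores the client-supplied type, serves only passive media inline, and forces everything else (including HTML and SVG) to download with sniffing disabled. The type names, the allowlist and the sample file records are assumptions for illustration.

```typescript
// Added example: deciding response headers for a stored binary file when the
// client may name a MIME type in the query string. Names are illustrative.
type StoredBinary = {
  fileName: string;   // name recorded at upload
  mimeType: string;   // type recorded at upload (not trusted for inline rendering)
};

type ResponseHeaders = Record<string, string>;

// Pre-fix pattern from the advisory: the requested type wins, so an uploaded
// HTML file fetched with mimeType=text/html renders in the victim's origin.
function legacyHeaders(stored: StoredBinary, requestedType?: string): ResponseHeaders {
  return { "Content-Type": requestedType !== undefined ? requestedType : stored.mimeType };
}

// Only passive media may render inline. text/html, image/svg+xml and any XML
// type are deliberately absent because browsers execute script found in them.
const INLINE_SAFE: ReadonlySet<string> = new Set([
  "image/png", "image/jpeg", "image/gif", "image/webp", "text/plain",
]);

// Hardened pattern (assumed, not the project's fix): the request parameter is
// never consulted; the stored type is only used to decide inline vs. download.
function hardenedHeaders(stored: StoredBinary, _requestedType?: string): ResponseHeaders {
  // Strip parameters such as "; charset=utf-8" before the allowlist check.
  const baseType = (stored.mimeType.split(";")[0] ?? "").trim().toLowerCase();
  const inline = INLINE_SAFE.has(baseType);
  // Keep the filename header-safe: no quotes, separators or path characters.
  const safeName = stored.fileName.replace(/[^\w.\-]/g, "_");
  return {
    "Content-Type": inline ? baseType : "application/octet-stream",
    "Content-Disposition": `${inline ? "inline" : "attachment"}; filename="${safeName}"`,
    // Stops the browser from guessing a scriptable type from the bytes.
    "X-Content-Type-Options": "nosniff",
    // Even if a viewer renders the body, it runs in an opaque origin.
    "Content-Security-Policy": "sandbox",
  };
}

// Constructed sample: an uploaded HTML file requested as text/html.
const uploadedHtml: StoredBinary = { fileName: "report.html", mimeType: "text/html" };
const legacy = legacyHeaders(uploadedHtml, "text/html");      // Content-Type: text/html
const hardened = hardenedHeaders(uploadedHtml, "text/html");  // application/octet-stream, attachment
```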

| Affected Software | Affected Version | How to fix |
| --- | --- | --- |
| npm/n8n | <1.90.0 | Upgrade to 1.90.0 |


Frequently Asked Questions

  • What is the severity of GHSA-c8hm-hr8h-5xjw?

    The severity of GHSA-c8hm-hr8h-5xjw is classified as high: the MIME type of served binary files was unrestricted and client-controlled, so an uploaded HTML file could be rendered as text/html, giving stored cross-site scripting in another user's session.

  • How do I fix GHSA-c8hm-hr8h-5xjw?

    To fix GHSA-c8hm-hr8h-5xjw, upgrade n8n to version 1.90.0 or later where the issue has been resolved.

  • Who is affected by GHSA-c8hm-hr8h-5xjw?

    GHSA-c8hm-hr8h-5xjw affects users of n8n versions prior to 1.90.0 that allow unrestricted MIME type uploads.

  • What is the impact of GHSA-c8hm-hr8h-5xjw?

    The impact of GHSA-c8hm-hr8h-5xjw is that stored binary files can be served with an attacker-chosen MIME type, so malicious HTML and JavaScript execute in the browser of any authenticated user who visits the binary data endpoint, which can lead to account takeover.

  • What are the conditions that lead to GHSA-c8hm-hr8h-5xjw?

    GHSA-c8hm-hr8h-5xjw occurs when n8n workflows do not validate MIME types for uploaded binary files, allowing user-controlled MIME type parameters.
