Vulnerability Report: GO-2026-4862
- CVE-2026-33758, GHSA-cpj3-3r2f-xj59
- Affects: github.com/openbao/openbao
- Published: Mar 26, 2026
OpenBao has Reflected XSS in its OIDC authentication error message in github.com/openbao/openbao
For detailed information about this vulnerability, visit https://github.com/openbao/openbao/security/advisories/GHSA-cpj3-3r2f-xj59.
Affected Packages
-
PathVersionsSymbols
Aliases
References
- https://github.com/openbao/openbao/security/advisories/GHSA-cpj3-3r2f-xj59
- https://github.com/openbao/openbao/commit/6e2b2dd84f0e47cebc90d6e79609dd5274732662
- https://github.com/openbao/openbao/pull/2709
- https://github.com/openbao/openbao/releases/tag/v2.5.2
- https://vuln.go.dev/ID/GO-2026-4862.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.