Label Studio vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field_CVE-2026-22033

{
    "lastseen": "",
    "description": "Label Studio is a multi-type data labeling and annotation tool. In 1.22.0 and earlier, a persistent stored cross-site scripting (XSS) vulnerability exists in the custom_hotkeys functionality of the application. An authenticated attacker (or one who can trick a user/administrator into updating their custom_hotkeys) can inject JavaScript code that executes in other users\u2019 browsers when those users load any page using the templates/base.html template. Because the application exposes an API token endpoint (/api/current-user/token) to the browser and lacks robust CSRF protection on some API endpoints, the injected script may fetch the victim\u2019s API token or call token reset endpoints \u2014 enabling full account takeover and unauthorized API access.",
    "published": "2026-01-12T17:47:34.060Z",
    "modified": "2026-01-12T18:12:36.147Z",
    "type": "cve",
    "title": "Label Studio vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field",
    "source": "GitHub_M",
    "references": "https://github.com/HumanSignal/label-studio/security/advisories/GHSA-2mq9-hm29-8qch\nhttps://github.com/HumanSignal/label-studio/pull/9084\nhttps://github.com/HumanSignal/label-studio/commit/ea2462bf042bbf370b79445d02a205fbe547b505",
    "id": "CVE-2026-22033",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "HumanSignal label-studio <= 1.22.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "label-studio",
    "version": "<= 1.22.0",
    "vendor": "HumanSignal",
    "ai_description": "A persistent stored cross-site scripting (XSS) vulnerability exists in Label Studio, allowing an authenticated attacker to inject JavaScript code that executes in other users' browsers, potentially leading to full account takeover and unauthorized API access.",
    "ai_severity": "High",
    "ai_vendor": "HumanSignal",
    "ai_product": "Label Studio",
    "ai_version": "1.22.0 and earlier",
    "ai_score": 8.6
}