Grimmory: Stored XSS via Malicious EPUB Enables Session Token Theft

6.3 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

Description

Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting (XSS) vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser with full access to the Grimmory application's session context. This can enable session token theft and account takeover, including administrative access if an administrator opens the affected book. This issue has been patched in version 2.3.1.

Basic Information

ID CVE-2026-42451

Source GitHub_M

Published May 8, 2026 at 22:51

Affected Product

Vendor grimmory-tools

Product grimmory

Version < 2.3.1

Affected Versions grimmory-tools grimmory < 2.3.1

CWE Classification

CWE-79 CWE-80

References

{
    "lastseen": "",
    "description": "Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting (XSS) vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser with full access to the Grimmory application's session context. This can enable session token theft and account takeover, including administrative access if an administrator opens the affected book. This issue has been patched in version 2.3.1.",
    "published": "2026-05-08T22:51:21.920Z",
    "modified": "2026-05-08T22:51:21.920Z",
    "type": "cve",
    "title": "Grimmory: Stored XSS via Malicious EPUB Enables Session Token Theft",
    "source": "GitHub_M",
    "references": "https://github.com/grimmory-tools/grimmory/security/advisories/GHSA-frv6-5wq5-9p24\nhttp://github.com/grimmory-tools/grimmory/releases/tag/v2.3.1",
    "id": "CVE-2026-42451",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-80"
    ],
    "cvelist": null,
    "sourceData": "grimmory-tools grimmory < 2.3.1",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "grimmory",
    "version": "< 2.3.1",
    "vendor": "grimmory-tools",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Grimmory: Stored XSS via Malicious EPUB Enables Session Token Theft_CVE-2026-42451