GHSA-7qw2-f75v-62f7MediumCVSS 5.4

Coder vulnerable to stored HTML injection via workspace agent logs in AgentLogLine component

Published
July 6, 2026
Last Modified
July 6, 2026

🔗 CVE IDs covered (1)

📋 Description

Summary

The AgentLogLine dashboard component instantiated ansi-to-html without escapeXML: true and inserted the result via dangerouslySetInnerHTML so HTML embedded in workspace agent log lines was rendered as live markup. Server-side sanitization did not neutralize HTML metacharacters.

Note: Exploitation requires a victim to view attacker-controlled agent logs in the dashboard.

Impact

A user who could run a workspace could emit arbitrary HTML into agent logs; when another user, including an administrator, viewed the workspace page, it rendered in their session. Content Security Policy blocked inline scripts but an attacker could still inject a meta refresh redirect, style rules for UI redressing or CSS-based exfiltration or external img beacons. This required workspace-owner access and a victim viewing the page.

Patches

The fix enables escapeXML: true so HTML metacharacters are escaped before DOM insertion.

The fix was backported to all supported release lines:

| Release line | Patched version | |---|---| | 2.34 | v2.34.2 | | 2.33 | v2.33.8 | | 2.32 | v2.32.7 | | 2.29 (ESR) | v2.29.17 |

Workarounds

None.

Resources

  • Fix: #25808

Credits

Coder would like to thank Anthropic's Security Team (ANT-2026-22449) for independently disclosing this issue!

🎯 Affected products4

  • go/github.com/coder/coder/v2:>= 2.34.0, < 2.34.2
  • go/github.com/coder/coder/v2:>= 2.33.0, < 2.33.8
  • go/github.com/coder/coder/v2:>= 2.30.0, < 2.32.7
  • go/github.com/coder/coder/v2:< 2.29.17

🔗 References (3)