GHSA-VM32-VV63-W422

Vulnerability from github – Published: 2026-02-02 18:28 – Updated: 2026-02-03 16:12
VLAI?
Summary
jsPDF Vulnerable to Stored XMP Metadata Injection (Spoofing & Integrity Violation)
Details

Impact

User control of the first argument of the addMetadata function allows users to inject arbitrary XML.

If given the possibility to pass unsanitized input to the addMetadata method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or otherwise processed after, the integrity of the PDF can no longer be guaranteed.

Example attack vector:

import { jsPDF } from "jspdf"

const doc = new jsPDF()

// Input a string that closes the current XML tag and opens a new one.
// We are injecting a fake "dc:creator" (Author) to spoof the document source.
const maliciousInput = '</jspdf:metadata></rdf:Description>' +
    '<rdf:Description xmlns:dc="http://purl.org/dc/elements/1.1/">' +
    '<dc:creator>TRUSTED_ADMINISTRATOR</dc:creator>' + // <--- Spoofed Identity
    '</rdf:Description>' +
    '<rdf:Description><jspdf:metadata>'

// The application innocently adds the user's input to the metadata
doc.addMetadata(maliciousInput, "http://valid.namespace")

doc.save("test.pdf")

Patches

The vulnerability has been fixed in jsPDF@4.1.0

Workarounds

Sanitize user input before passing it to the addMetadata method: escape XML entities. For example:

let input = "..."

input = input
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&apos;")

doc.addMetadata(input)
Severity ?
6.9 (Medium)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.0.0"
      },
      "package": {
        "ecosystem": "npm",
        "name": "jspdf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-24043"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-74"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-02T18:28:29Z",
    "nvd_published_at": "2026-02-02T23:16:07Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nUser control of the first argument of the `addMetadata` function allows users to inject arbitrary XML.\n\nIf given the possibility to pass unsanitized input to the `addMetadata` method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or otherwise processed after, the integrity of the PDF can no longer be guaranteed.\n\nExample attack vector:\n\n```js\nimport { jsPDF } from \"jspdf\"\n\nconst doc = new jsPDF()\n\n// Input a string that closes the current XML tag and opens a new one.\n// We are injecting a fake \"dc:creator\" (Author) to spoof the document source.\nconst maliciousInput = \u0027\u003c/jspdf:metadata\u003e\u003c/rdf:Description\u003e\u0027 +\n    \u0027\u003crdf:Description xmlns:dc=\"http://purl.org/dc/elements/1.1/\"\u003e\u0027 +\n    \u0027\u003cdc:creator\u003eTRUSTED_ADMINISTRATOR\u003c/dc:creator\u003e\u0027 + // \u003c--- Spoofed Identity\n    \u0027\u003c/rdf:Description\u003e\u0027 +\n    \u0027\u003crdf:Description\u003e\u003cjspdf:metadata\u003e\u0027\n\n// The application innocently adds the user\u0027s input to the metadata\ndoc.addMetadata(maliciousInput, \"http://valid.namespace\")\n\ndoc.save(\"test.pdf\")\n```\n\n### Patches\n\nThe vulnerability has been fixed in jsPDF@4.1.0\n\n### Workarounds\n\nSanitize user input before passing it to the `addMetadata` method: escape XML entities. For example:\n\n```js\nlet input = \"...\"\n\ninput = input\n    .replace(/\u0026/g, \"\u0026amp;\")\n    .replace(/\u003c/g, \"\u0026lt;\")\n    .replace(/\u003e/g, \"\u0026gt;\")\n    .replace(/\"/g, \"\u0026quot;\")\n    .replace(/\u0027/g, \"\u0026apos;\")\n\ndoc.addMetadata(input)\n```",
  "id": "GHSA-vm32-vv63-w422",
  "modified": "2026-02-03T16:12:30Z",
  "published": "2026-02-02T18:28:29Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-vm32-vv63-w422"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24043"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parallax/jsPDF/commit/efe54bf50f3f5e5416b2495e3c24624fc80b6cff"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/parallax/jsPDF"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parallax/jsPDF/releases/tag/v4.1.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "jsPDF Vulnerable to Stored XMP Metadata Injection (Spoofing \u0026 Integrity Violation)"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.