PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-48822 shaarli CVE debrief

CVE-2026-48822 is a stored Cross-Site Scripting (XSS) vulnerability in Shaarli, a personal bookmarking service. The vulnerability affects versions 0.16.1 and prior and is caused by a flaw in the Markdown-to-HTML conversion process used in the Bookmark Description field. An authenticated user can inject a malicious javascript: URI inside a Markdown link, allowing for potential XSS attacks. The vulnerability has been fixed in version 0.16.2. Users of affected versions should update to the latest version to prevent exploitation.

Vendor
shaarli
Product
Unknown
CVSS
MEDIUM 5.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-18
Advisory published
2026-06-17
Advisory updated
2026-06-18

Who should care

Users of Shaarli versions 0.16.1 and prior should be aware of this vulnerability and take steps to update to version 0.16.2 or later. Additionally, administrators of systems using Shaarli should ensure that the service is updated to the latest version to prevent potential XSS attacks.

Technical summary

The vulnerability originates in the filterProtocols method within BookmarkMarkdownFormatter.php. This method attempts to sanitize Markdown links by filtering dangerous protocols (such as javascript:) before rendering. However, it fails to detect Markdown reference-style links, which are resolved by the Markdown parser after preprocessing. As a result, an attacker can supply a javascript: URI inside a reference definition, leading to a potential XSS attack.
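The gap described above, modelled in Python as an added example (this is not Shaarli's PHP code, and the allow-list, regexes and sample description are constructed assumptions): a pre-render filter that inspects only inline links lets a reference definition through, while a filter that also covers reference definitions, plus a detection helper, catches it.

```python
import re

# Link schemes a description may use (assumption: a typical allow-list, not Shaarli's own).
ALLOWED_SCHEMES = {"http", "https", "ftp", "mailto", "magnet"}

# Inline link [text](url "title") and reference definition [id]: url at line start.
INLINE_LINK = re.compile(r"\[([^\]]*)\]\(\s*([^)\s]+)[^)]*\)")
REF_DEF = re.compile(r"^ {0,3}\[([^\]]+)\]:\s*<?([^\s>]+)>?", re.MULTILINE)


def scheme_of(url):
    """Lower-case scheme of url, or None for scheme-less (relative) URLs.
    Tabs/newlines are dropped first: browsers ignore them inside a scheme."""
    url = re.sub(r"[\t\r\n]", "", url.strip()).lower()
    m = re.match(r"([a-z][a-z0-9+.-]*):", url)
    return m.group(1) if m else None


def scheme_allowed(url):
    s = scheme_of(url)
    return s is None or s in ALLOWED_SCHEMES


def filter_inline_only(markdown):
    """Pre-render filter that checks inline links only: the gap the advisory
    describes, since reference definitions pass through untouched."""
    def neutralise(m):
        return m.group(0) if scheme_allowed(m.group(2)) else "[%s](#)" % m.group(1)
    return INLINE_LINK.sub(neutralise, markdown)


def filter_links_and_refs(markdown):
    """Hardened pre-render filter: reference definitions are neutralised too."""
    def neutralise_ref(m):
        return m.group(0) if scheme_allowed(m.group(2)) else "[%s]: #" % m.group(1)
    return REF_DEF.sub(neutralise_ref, filter_inline_only(markdown))


def find_disallowed_urls(markdown):
    """Detection helper: every inline or reference URL with a scheme outside the allow-list."""
    urls = [m.group(2) for m in INLINE_LINK.finditer(markdown)]
    urls += [m.group(2) for m in REF_DEF.finditer(markdown)]
    return [u for u in urls if not scheme_allowed(u)]


# Constructed sample description: one inline and one reference-style link use javascript:.
SAMPLE = (
    "Useful notes [here](https://example.org/notes).\n"
    "Also see [the manual][ref1] and [this](JavaScript:document.title).\n\n"
    "[ref1]: javascript:document.title\n"
)
```

Pattern-matching the Markdown source is inherently fragile because the parser, not the filter, decides which text becomes a link; the more robust design is to validate href attributes in the rendered HTML against the scheme allow-list after conversion.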

Defensive priority

MEDIUM

Recommended defensive actions

  • Update Shaarli to version 0.16.2 or later
  • Ensure that the Bookmark Description field is properly sanitized
  • Apply defence-in-depth controls against XSS in addition to the patch itself
  • Monitor for suspicious activity on the Shaarli service
  • Use a Web Application Firewall (WAF) to detect and prevent XSS attacks
  • Regularly review and update the Shaarli service to ensure the latest security patches are applied

Evidence notes

The vulnerability is caused by a flaw in the Markdown-to-HTML conversion process used in the Bookmark Description field. The filterProtocols method within BookmarkMarkdownFormatter.php fails to detect Markdown reference-style links, allowing an attacker to supply a javascript: URI inside a reference definition.

Official resources

CVE-2026-48822 was published on 2026-06-17T20:17:23.060Z and modified on 2026-06-18T17:16:31.583Z.