Label Studio: Tagging Admins for Takeover via IDOR & XSS
Jan 12, 2026 · 5 min read
Executive Summary (TL;DR)
Label Studio versions <= 1.22.0 render user-defined hotkeys (the custom_hotkeys profile setting) into the main HTML template without escaping, so a hotkey value can carry arbitrary HTML and JavaScript. The user-settings API also fails to check that the caller owns the profile being modified (an Insecure Direct Object Reference, IDOR), so a low-privileged account can write a malicious hotkey configuration into an administrator's profile. The next time the administrator loads the application, the stored script runs in their browser, reads their API token and sends it to the attacker, who then has full control of the instance. The fix is to upgrade to a release after 1.22.0; until then, review stored hotkey configurations for markup or script content and treat any administrator token that could have been exposed this way as compromised.
The chain combines two weaknesses: the IDOR on the profile-update API and a stored Cross-Site Scripting (XSS) flaw in how the 'custom_hotkeys' value is rendered. Because the template interpolates the value without sanitization or escaping, JavaScript injected by one user executes in the session of every user whose profile the attacker can overwrite, administrators included.
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected Systems
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| Label Studio (HumanSignal) | <= 1.22.0 | post-1.22.0 |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-79 (XSS), CWE-284 (IDOR) |
| Attack Vector | Network (AV:N) |
| CVSS v4.0 | 8.6 (High) |
| Privileges Required | Low (PR:L) |
| User Interaction | None (UI:N) |
| Exploit Status | PoC Available |
Weakness Classification
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), the unescaped rendering of custom_hotkeys
CWE-284: Improper Access Control, the missing ownership check (IDOR) on the profile-update API