Unknown · Linkwarden · CVE-2026-42455
**Name of the Vulnerable Software and Affected Versions**
Linkwarden versions prior to 2.14.0
**Description**
The archive upload endpoint "POST /api/v1/archives/[linkId]?format=4" accepts HTML files without sanitizing JavaScript content. When the archive is later retrieved via "GET /api/v1/archives/[linkId]?format=4", the HTML is served from the application's origin with "Content-Type: text/html" and without a Content-Security-Policy header, so the browser renders it as a page of that origin. This enables stored Cross-Site Scripting (XSS), a flaw where a malicious script is permanently stored on the target server and later executes as arbitrary JavaScript within the context of the authenticated session.
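The weak configuration described above (user-supplied HTML rendered inline on the origin with no CSP) and one way to harden the response, as an added example that is not Linkwarden's code; the function names, the assumption that format=4 denotes the HTML archive, and the audit rules are ours:

```javascript
// Added example, not Linkwarden's code. Header policy for serving
// user-uploaded HTML archives, plus an audit of a captured response.
// Function names and the assumption that format=4 denotes HTML are ours.

// A sandbox CSP without allow-scripts/allow-same-origin lets the archive render
// but gives it an opaque origin and no script execution, so script stored in the
// upload cannot act within the authenticated user's session.
const ARCHIVE_CSP = "sandbox; default-src 'none'; base-uri 'none'; form-action 'none'";

// Headers for GET /api/v1/archives/[linkId]?format=<n>. For HTML archives,
// inline viewing gets the sandbox CSP; otherwise the file is forced to download.
function archiveResponseHeaders(format, { inline = true } = {}) {
  const headers = {
    "X-Content-Type-Options": "nosniff", // never let the browser sniff a body to HTML
    "Cache-Control": "private, no-store",
  };
  if (format === 4) {
    headers["Content-Type"] = "text/html; charset=utf-8";
    if (inline) {
      headers["Content-Security-Policy"] = ARCHIVE_CSP;
    } else {
      headers["Content-Disposition"] = 'attachment; filename="archive.html"';
    }
  }
  return headers;
}

// Audit a captured response's headers and report the weaknesses the advisory
// describes: HTML rendered inline on the origin with no script-blocking CSP.
function auditArchiveResponse(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const findings = [];
  const isHtml = (h["content-type"] || "").toLowerCase().startsWith("text/html");
  const inline = !/^\s*attachment/i.test(h["content-disposition"] || "");
  if (!isHtml || !inline) return findings; // downloads and non-HTML are out of scope
  const csp = h["content-security-policy"] || "";
  const blocksScript =
    (/\bsandbox\b/.test(csp) && !/allow-scripts/.test(csp)) ||
    /script-src\s+'none'/.test(csp) ||
    (/default-src\s+'none'/.test(csp) && !/script-src/.test(csp));
  if (!csp) findings.push("HTML served inline without Content-Security-Policy");
  else if (!blocksScript) findings.push("Content-Security-Policy does not block script execution");
  if ((h["x-content-type-options"] || "").toLowerCase() !== "nosniff") {
    findings.push("missing X-Content-Type-Options: nosniff");
  }
  return findings;
}
```

Running auditArchiveResponse over headers recorded from a staging instance is a quick regression check that the archive route keeps a script-blocking policy after upgrades.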
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.