Mylong

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.123.9 n8n versions prior to 2.2.1 **Description** n8n is a workflow automation platform. A Cross-Site Scripting (XSS) issue existed in a markdown rendering component within the n8n interface, affecting areas that support markdown content, such as workflow sticky notes. An authenticated user with workflow modification permissions could exploit this to execute scripts with same-origin privileges when other users interact with a maliciously crafted workflow. This could potentially lead to session hijacking and account takeover. **Recommendations** Update n8n to version 1.123.9 or later. Update n8n to version 2.2.1 or later.