Description

The Static Asset API in Mintlify Platform before 2025-11-15 allows remote attackers to inject arbitrary web script or HTML via the subdomain parameter because any tenant's assets can be served on any other tenant's documentation site.

Related CPE's

Could not find any relations

References

https://gist.github.com/hackermondev/5e2cdc32849405fff6b46957747a2d28

https://kibty.town/blog/mintlify/

https://news.ycombinator.com/item?id=46317098

https://www.mintlify.com/blog/working-with-security-researchers-november-2025

https://www.mintlify.com/docs/changelog

Weaknesses

[email protected]

Primary
CWE-829

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

6.4 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Received

Published

2025-12-19T02:16:08.813

13 hours ago

Last modified

2025-12-19T02:16:08.813

13 hours ago