CVE-2025-46338
📋 TL;DR
Audiobookshelf versions before 2.21.0 contain a reflected cross-site scripting (XSS) vulnerability in the /api/upload endpoint. Attackers can inject malicious JavaScript via the libraryId field, which gets reflected in server error messages and executes in victims' browsers. This affects all self-hosted Audiobookshelf instances running vulnerable versions.
💻 Affected Systems
- Audiobookshelf
📦 What is this software?
Audiobookshelf, a self-hosted audiobook and podcast server (GitHub: advplyr/audiobookshelf), typically deployed via Docker behind a reverse proxy.
⚠️ Risk & Real-World Impact
Worst Case
Attacker steals authenticated session cookies, performs actions as the victim (upload malicious files, delete content), or redirects to phishing sites.
Likely Case
Attacker steals session cookies to gain unauthorized access to the audiobook server, potentially compromising user data and media libraries.
If Mitigated
Limited impact once the libraryId value is encoded or dropped from error responses (the 2.21.0 fix) or the endpoint is shielded by the workarounds below; a crafted link then yields at most a harmless error page. The remaining exposure is the set of users who can still reach /api/upload while logged in.
🎯 Exploit Status
Exploitation requires the attacker to trick a victim into clicking a malicious link while authenticated to Audiobookshelf.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.21.0
Vendor Advisory: https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-47g3-c5hx-2q3w
Restart Required: Yes
Instructions:
1. Back up your Audiobookshelf data and configuration.
2. Update to version 2.21.0 or later using your preferred method (Docker image tag, manual install, package manager).
3. Restart the Audiobookshelf service.
4. Verify the update by checking the version in the web interface (Settings > About).
🔧 Temporary Workarounds
Input Validation via Web Application Firewall
Configure WAF rules to block script payloads in the libraryId parameter. The rule syntax depends on the WAF in use (e.g. ModSecurity, Cloudflare, AWS WAF); make sure the rule decodes percent-encoding before matching and inspects request bodies, not only the query string, if your clients send libraryId in the body.
Restrict Access to /api/upload Endpoint
Use network controls or reverse-proxy rules to limit who can reach the endpoint, for example a second authentication layer at the proxy. Note that a browser resends cached HTTP Basic credentials automatically, so this shrinks the population that can be targeted but does not stop the XSS for a user who has already authenticated to the proxy; it will also prompt the web UI's own uploads for credentials.
nginx: location = /api/upload { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/htpasswd; proxy_pass http://127.0.0.1:13378; }  (use the same proxy_pass upstream as your main location block, otherwise nginx serves the path as a static file)
apache: <Location "/api/upload"> AuthType Basic AuthName "Restricted" AuthUserFile /etc/apache2/htpasswd Require valid-user </Location>  (inside the VirtualHost that already proxies to Audiobookshelf)
🧯 If You Can't Patch
- Serve a Content Security Policy from the reverse proxy that disallows inline script execution (no 'unsafe-inline' in script-src); test that the Audiobookshelf web UI still loads, since a policy that is too strict breaks the client rather than only the injected script.
- Disable or restrict the /api/upload endpoint if not needed for your use case.
🔍 How to Verify
Check if Vulnerable:
Open Settings > About in the web interface and compare the version against 2.21.0. For a Docker deployment you can also read the image reference the container was started from (substitute your container name):
docker inspect --format '{{.Config.Image}}' audiobookshelf
The tag is only meaningful if you pinned a version; a latest tag says nothing about the running build, so fall back to the web interface in that case.
Verify Fix Applied:
Confirm the version is 2.21.0 or higher. If you want behavioural confirmation, do it only in a controlled environment: submit a libraryId containing a harmless HTML marker (for example <b>canary</b>) and confirm the error response returns it encoded or omits it rather than echoing it verbatim.
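The check above can be scripted against the reported server version. The following is an added example, not Audiobookshelf project code; it assumes the fixed version is 2.21.0 (from the advisory above) and that an unauthenticated GET /status returns JSON with a serverVersion field, which is taken from the project's source rather than from this page. Pre-releases such as 2.21.0-beta are deliberately treated as below the fix, as semver orders them.

```python
"""Added example (not Audiobookshelf project code): decide from the reported
server version whether an instance is affected by CVE-2025-46338.

Assumptions not stated on this page:
  * the fixed version is 2.21.0 (from the advisory above); anything that sorts
    below it, including 2.21.0 pre-releases, is treated as vulnerable
  * Audiobookshelf answers GET /status (no authentication) with JSON containing
    "serverVersion"; that endpoint is assumed from the project's source, not
    from this page, and check_server() is the only function that touches it
"""
import json
import re
import sys
import urllib.request

FIXED_VERSION = (2, 21, 0, 1)   # (major, minor, patch, is_release)

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$")


def parse_version(text):
    """Turn '2.20.0', 'v2.21.0' or '2.21.0-beta' into a comparable tuple.

    The trailing flag is 1 for a release and 0 for a pre-release, so that
    2.21.0-beta sorts below 2.21.0 as semver requires.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch), 0 if pre else 1)


def is_vulnerable(version_text):
    """True when the version is below the first fixed release."""
    return parse_version(version_text) < FIXED_VERSION


def version_from_status(status_body):
    """Pull serverVersion out of a /status response body (assumed field names)."""
    data = json.loads(status_body)
    if data.get("app") != "audiobookshelf":
        raise ValueError("response does not look like Audiobookshelf /status")
    return data["serverVersion"]


def check_server(base_url, timeout=5):
    """Fetch /status from a live instance and return (version, vulnerable)."""
    with urllib.request.urlopen(base_url.rstrip("/") + "/status", timeout=timeout) as resp:
        version = version_from_status(resp.read().decode("utf-8"))
    return version, is_vulnerable(version)


if __name__ == "__main__":
    # usage: python check_abs.py http://audiobookshelf.example.internal:13378
    # (13378 is the host port used in the project's Docker examples; assumed default)
    url = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:13378"
    version, vulnerable = check_server(url)
    print(f"{url}: Audiobookshelf {version} -> {'VULNERABLE' if vulnerable else 'patched'}")
```

Run it against each instance's base URL; a version string the regex does not recognise raises rather than silently reporting "patched", which is the safer failure mode for an inventory sweep.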
📡 Detection & Monitoring
Log Indicators:
- HTTP 400/500 errors with suspicious libraryId parameter values containing script tags or JavaScript code
- Unusual upload attempts with malformed libraryId
Network Indicators:
- HTTP requests to /api/upload with encoded script payloads in parameters
- Browser-side: requests from authenticated users' browsers to unfamiliar external domains immediately after an /api/upload response (credential or token exfiltration by the injected script)
SIEM Query (pseudo-syntax; map uri_path, param and value to your SIEM's field names, and percent-decode the value before matching or the pattern misses %3Cscript%3E):
source='audiobookshelf.log' AND (uri_path='/api/upload' AND (param='libraryId' AND value MATCHES '(?i)<script|javascript:|onload=|onerror='))
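The same logic as the SIEM query, run over reverse-proxy access logs, as an added example that is not Audiobookshelf project code. The log lines are constructed for this example in the NCSA combined format nginx and Apache write by default, and they assume libraryId appears in the query string; a libraryId carried in a multipart body is only visible in a body-logging source such as a WAF audit log, where scan_value() applies unchanged. It goes slightly beyond the page's indicator list by decoding double-encoded values and by matching a few common tag-based vectors in addition to script tags and event handlers.

```python
"""Added example (not Audiobookshelf project code): scan reverse-proxy access
log lines for CVE-2025-46338 probing, i.e. requests to /api/upload whose
libraryId parameter carries a script payload, including percent-encoded and
double-encoded forms that a plain string match would miss.

SAMPLE_LOG is constructed for this example. The path filter follows the
"Log Indicators" list above; widen it if you also want other endpoints.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# NCSA combined format: client ident user [time] "METHOD target HTTP/x" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Indicators from the SIEM query above plus a few common tag-based XSS vectors
PAYLOAD_RE = re.compile(r"(?i)<\s*script|javascript:|\bon[a-z]+\s*=|<\s*(?:img|svg|iframe)\b")


def fully_decode(value, rounds=3):
    """Percent-decode until the value stops changing, so %253Cscript%253E is caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_value(value):
    """True if a libraryId value looks like an XSS payload after decoding."""
    return PAYLOAD_RE.search(fully_decode(value)) is not None


def scan_line(line):
    """Return a finding dict for a suspicious /api/upload request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None                      # not a combined-format line; skip
    parts = urlsplit(m.group("target"))
    if parts.path != "/api/upload":
        return None
    # parse_qs already percent-decodes once; fully_decode handles further layers
    for value in parse_qs(parts.query, keep_blank_values=True).get("libraryId", []):
        if scan_value(value):
            return {
                "client": m.group("client"),
                "time": m.group("time"),
                "status": int(m.group("status")),
                "libraryId": fully_decode(value),
            }
    return None


def scan_lines(lines):
    return [f for f in (scan_line(line) for line in lines) if f]


# Constructed sample lines (RFC 5737 documentation addresses), not real traffic
SAMPLE_LOG = [
    # legitimate upload: an ordinary library id, nothing to flag
    '203.0.113.10 - - [10/May/2025:12:00:01 +0000] "POST /api/upload?libraryId=6b0e7d3a-6f2c-4c8e-9a1b-3d4e5f6a7b8c HTTP/1.1" 200 42 "-" "Mozilla/5.0"',
    # classic reflected payload, percent-encoded once by the browser; server answered 500
    '198.51.100.7 - - [10/May/2025:12:00:05 +0000] "POST /api/upload?libraryId=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E HTTP/1.1" 500 512 "-" "Mozilla/5.0"',
    # double-encoded to slip past a naive filter; server answered 400
    '198.51.100.7 - - [10/May/2025:12:00:09 +0000] "POST /api/upload?libraryId=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 400 88 "-" "curl/8.4.0"',
    # script tag against another path: outside this page's indicator, not flagged here
    '198.51.100.7 - - [10/May/2025:12:00:12 +0000] "GET /api/items?q=%3Cscript%3E HTTP/1.1" 200 10 "-" "curl/8.4.0"',
]


if __name__ == "__main__":
    for f in scan_lines(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} status={f['status']} libraryId={f['libraryId']!r}")
```

Feed real log lines through scan_lines() and alert on any finding; correlating the client address with a following burst of 400/500 responses, as the log indicators above describe, separates a single probe from a campaign.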