N/A

CVSS Score

Basic Information

CVE ID

CVE-2025-54881

GHSA ID

GHSA-7rqq-prvp-x9jh

EPSS Score

CWE

CWE-79

Published

8/19/2025

Updated

8/19/2025

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-54881

CVE-2025-54881: Mermaid improperly sanitizes sequence diagram labels leading to XSS

Summary

In the default configuration of mermaid 11.9.0, user supplied input for sequence diagram labels is passed to innerHTML during calculation of element size, causing XSS.

Details

Sequence diagram node labels with KaTeX delimiters are passed through calculateMathMLDimensions. This method passes the full label to innerHTML which allows allows malicious users to inject arbitrary HTML and cause XSS when mermaid-js is used in it's default configuration (with KaTeX support enabled).

The vulnerability lies here:

export const calculateMathMLDimensions = async (text: string, config: MermaidConfig) => {
  text = await renderKatex(text, config);
  const divElem = document.createElement('div');
  divElem.innerHTML = text; // XSS sink, text has not been sanitized.
  divElem.id = 'katex-temp';
  divElem.style.visibility = 'hidden';
  divElem.style.position = 'absolute';
  divElem.style.top = '0';
  const body = document.querySelector('body');
  body?.insertAdjacentElement('beforeend', divElem);
  const dim = { width: divElem.clientWidth, height: divElem.clientHeight };
  divElem.remove();
  return dim;
};

The calculateMathMLDimensions method was introduced in 5c69e5fdb004a6d0a2abe97e23d26e223a059832 two years ago, which was released in Mermaid 10.9.0.

PoC

Render the following diagram and observe the modified DOM.

sequenceDiagram
    participant A as Alice<img src="x" onerror="document.write(`xss on ${document.domain}`)">$$\\text{Alice}$$
    A->>John: Hello John, how are you?
    Alice-)John: See you later!

Here is a PoC on mermaid.live: https://mermaid.live/edit#pako:eNpVUMtOwzAQ_BWzyoFKaRTyaFILiio4IK7ckA-1km1iKbaLY6spUf4dJ0AF68uOZ2dm7REqXSNQ6PHDoarwWfDGcMkUudaJGysqceLKkj3hPdl3osJ7IRvSm-qBwcCAaIXGaONRrSsnUdnobITF28PQ954lwXglai25UNNhxWAXBMyXxcGOi-3kL_5k79e73atuFSUv2HWazH1IWn0m3CC5aPf4b3p2WK--BW-4DJCOWzQ3TM0HQmiMqIFa4zAEicZv4iGMsw0D26JEBtS3NR656ywDpiYv869_11r-Ko12TQv0yLveI3eqfcjP111HUNVonrRTFuhdsVgAHWEAmuRxlG7SuEzKMi-yJAnhAjTLIk_EcbFJtuk2y9MphM8lM47KIp--AOZghtU

Impact

XSS on all sites that use mermaid and render user supplied diagrams without further sanitization.

Remediation

The value of the text argument for the calculateMathMLDimensions method needs to be sanitized before getting passed on to innerHTML.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

CVE-2025-54881

GHSA ID

GHSA-7rqq-prvp-x9jh

EPSS Score

CWE

CWE-79

Published

8/19/2025

Updated

8/19/2025

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
mermaid	npm	>= 10.9.0-rc.1, < 11.10.0	11.10.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability exists because user-provided input is passed to the innerHTML property in multiple locations without proper sanitization. The core of the vulnerability is in the calculateMathMLDimensions function, which is explicitly mentioned in the vulnerability description. This function is responsible for calculating the dimensions of KaTeX-rendered text by creating a temporary DOM element and setting its innerHTML. The initial implementation did not sanitize the input, allowing for XSS.

The fixing commit 685516a85ec1df64cefd4fd15f26533be87d458e addresses this by introducing a new function, renderKatexSanitized, which wraps the original KaTeX rendering logic with a call to sanitizeText. This new sanitized function is then used in calculateMathMLDimensions and other places where KaTeX output is rendered, such as drawKatex and addHtmlSpan.

Additionally, the fixing commit applies sanitizeText in other functions like addHtmlLabel that were also found to be using innerHTML with potentially unsafe user input. By analyzing the changes in the fixing commit, I was able to identify all the functions that were sinks for this XSS vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Summ*ry In t** ****ult *on*i*ur*tion o* m*rm*i* **.*.*, us*r suppli** input *or s*qu*n** *i**r*m l***ls is p*ss** to `inn*r*TML` *urin* **l*ul*tion o* *l*m*nt siz*, **usin* XSS. ### **t*ils S*qu*n** *i**r*m no** l***ls wit* K*T*X **limit*rs *r*

Reasoning

T** vuln*r**ility *xists ****us* us*r-provi*** input is p*ss** to t** `inn*r*TML` prop*rty in multipl* lo**tions wit*out prop*r s*nitiz*tion. T** *or* o* t** vuln*r**ility is in t** `**l*ul*t*M*t*ML*im*nsions` *un*tion, w*i** is *xpli*itly m*ntion**

N/A

Basic Information

Concerned about an active attack path?

CVE-2025-54881: Mermaid improperly sanitizes sequence diagram labels leading to XSS

Summary

Details

PoC

Impact

Remediation

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI