Cross-site Scripting (XSS) - Generic in uiwjs/react-md-editor

Valid

Reported on

Dec 6th 2021


Description

XSS vulnerability through the markdown editor

Proof of Concept

<IFRAME SRC="javascript:javascript:alert(window.origin);"></IFRAME>

Steps to Reproduce

Visit the demo page. Paste the payload in the markdown editor.

Impact

  • Steal a user's token
  • Session hijacking ...
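
A defender-side check for the kind of input shown in the proof of concept, as an added example that is not part of the original report and not the project's fix: it flags raw HTML elements, event-handler attributes and non-allowlisted URL schemes in markdown input. The names `findUnsafeHtml` and `schemeOf` and both allowlists are assumptions for illustration; a regex scan like this suits tests and triage, while rendering-time protection should come from a parser-based HTML sanitizer.

```javascript
// Added example (not the project's code): flag raw HTML in markdown input
// that would run script if the renderer passes HTML through unsanitized.
const BLOCKED_TAGS = new Set(["iframe", "script", "object", "embed"]); // assumed list
const URL_ATTRS = new Set(["src", "href", "data", "action", "formaction", "xlink:href"]);
const SAFE_SCHEMES = new Set(["http", "https", "mailto"]); // assumed allowlist

// Decode numeric character references, as a browser does in attribute values.
function decodeNumericEntities(s) {
  return s.replace(/&#(x[0-9a-f]+|\d+);?/gi, (_, n) => {
    const cp = /^x/i.test(n) ? parseInt(n.slice(1), 16) : parseInt(n, 10);
    return cp <= 0x10ffff ? String.fromCodePoint(cp) : "";
  });
}

// Return the lowercased URL scheme, or null for a relative URL.
function schemeOf(value) {
  // Browsers drop tabs/newlines inside URLs and leading control characters.
  const v = decodeNumericEntities(value).replace(/[\u0000-\u0020]/g, "").toLowerCase();
  const m = /^([a-z][a-z0-9+.-]*):/.exec(v);
  return m ? m[1] : null;
}

// Limitation: a regex tag scan misses attribute values containing ">".
function findUnsafeHtml(markdown) {
  const findings = [];
  const tagRe = /<([a-z][a-z0-9-]*)\b([^>]*)>/gi;
  const attrRe = /([^\s"'=<>\/]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  for (const [, rawTag, rawAttrs] of markdown.matchAll(tagRe)) {
    const tag = rawTag.toLowerCase(); // the report's payload is upper-case
    if (BLOCKED_TAGS.has(tag)) findings.push({ tag, reason: "blocked element" });
    for (const [, rawName, dq, sq, bare] of rawAttrs.matchAll(attrRe)) {
      const name = rawName.toLowerCase();
      if (name.startsWith("on")) findings.push({ tag, attr: name, reason: "event handler" });
      if (!URL_ATTRS.has(name)) continue;
      const scheme = schemeOf(dq ?? sq ?? bare ?? "");
      if (scheme && !SAFE_SCHEMES.has(scheme)) {
        findings.push({ tag, attr: name, reason: `scheme "${scheme}" not allowed` });
      }
    }
  }
  return findings;
}

// Payload quoted from the report, then a constructed benign sample.
const REPORTED = '<IFRAME SRC="javascript:javascript:alert(window.origin);"></IFRAME>';
const BENIGN = 'See <https://example.com> and <a href="/docs">docs</a> ![x](/logo.png)';
console.log(findUnsafeHtml(REPORTED), findUnsafeHtml(BENIGN));
```
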
We are processing your report and will contact the uiwjs/react-md-editor team within 24 hours. 2 months ago
We created a GitHub Issue asking the maintainers to create a SECURITY.md 2 months ago
Jamie Slome
2 months ago

Admin


Thanks for your report @esidate. The maintainers have requested that we make the report public.

I am going to share the report URL with them on the GitHub Issue now 👍

El Mahdi Sidate
2 months ago

Researcher


Thank you Jamie.

小弟调调™ validated this vulnerability 2 months ago
El Mahdi Sidate has been awarded the disclosure bounty
The fix bounty is now up for grabs
小弟调调™ confirmed that a fix has been merged on d4ffe5 2 months ago
The fix bounty has been dropped
Pocas
2 months ago

Hello. Is the above patch not applied to the https://uiwjs.github.io/react-markdown-editor/ demo site yet?