XSS Vulnerability
S1lkys opened this issue · comments
Supplying the following code on https://md2pdf.netlify.app/ results in JS execution.
### XSS PoC
<!-- markdownlint-disable MD038-->
- `<Img src = x onerror = "javascript: window.onerror = alert(document.domain); throw XSS">`
I don't think an attacker could use this payload to attack other users.
There's no server-side storage, so we don't do any sanitizing, and we also don't do any URL parsing logic to update the DOM. Could you leave more info if you have some findings about it?
It's not about the payload but that you can execute any JS you want. For example, I could easily create a phishing page via this injection.
Just thought to inform you about that. It's not very critical as it's self-XSS. You may close it if you want to ^^
I did not do any sanitizing since it's a local/non-stored editor (e.g. you can run or hot-reload the HTML preview in the editor; would you think that's an XSS?). Your payload and result are really expected to me; see https://github.com/realdennis/md2pdf#whats-special
> I could easily create a phishing page via this injection

In this case, you can only phish yourself, I think.
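
One way to neutralize the reported payload before rendered preview HTML reaches the DOM, as an added example that is not md2pdf's code: every `<` is escaped unless it opens a tag on an allowlist, and allowed tags are rebuilt from allowlisted attributes only. The allowlist and the names `sanitizeHtml`, `rebuildTag` and `POC` are assumptions made for this sketch.

```javascript
// Added example, not md2pdf's code. The tag/attribute allowlist is an assumption.
const ALLOWED = {
  p: [], em: [], strong: [], code: [], pre: [], ul: [], ol: [], li: [],
  h1: [], h2: [], h3: [], blockquote: [], br: [],
  a: ["href", "title"], img: ["src", "alt", "title"],
};
const URL_ATTRS = new Set(["href", "src"]);
// Literal prefix allowlist: javascript:, data: and bare relative names are rejected.
const SAFE_URL = /^(https?:\/\/|mailto:|\/|#)/i;

// Escape markup-significant characters. "&" is left alone so entities the
// renderer already produced (e.g. &lt; inside code blocks) are not double-escaped.
const esc = (s) => s.replace(/[<>"']/g, (c) => `&#${c.charCodeAt(0)};`);

const TAG = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)((?:\s+[^\s"'<>\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'<>]+))?)*)\s*\/?>/g;
const ATTR = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'<>]+)))?/g;

// Returns a freshly built tag, or null when the tag name is not allowlisted.
function rebuildTag(closing, name, rawAttrs) {
  const tag = name.toLowerCase();
  if (!Object.prototype.hasOwnProperty.call(ALLOWED, tag)) return null;
  if (closing) return `</${tag}>`;
  let out = `<${tag}`;
  for (const m of rawAttrs.matchAll(ATTR)) {
    const attr = m[1].toLowerCase();
    const value = (m[2] ?? m[3] ?? m[4] ?? "").trim();
    if (!ALLOWED[tag].includes(attr)) continue;            // drops onerror, onclick, style
    if (URL_ATTRS.has(attr) && !SAFE_URL.test(value)) continue;
    out += ` ${attr}="${esc(value)}"`;
  }
  return out + ">";
}

// Output contains "<" only where rebuildTag emitted an allowlisted tag.
function sanitizeHtml(html) {
  let out = "", last = 0;
  for (const m of html.matchAll(TAG)) {
    out += esc(html.slice(last, m.index));
    out += rebuildTag(m[1] === "/", m[2], m[3]) ?? esc(m[0]);
    last = m.index + m[0].length;
  }
  return out + esc(html.slice(last));
}

// The payload from the report above.
const POC = '<Img src = x onerror = "javascript: window.onerror = alert(document.domain); throw XSS">';
console.log(sanitizeHtml(POC));
```

In a real editor a maintained sanitizer such as DOMPurify would normally take the place of this hand-written pass.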