Describe
This vulnerability allows the Editor or Author roles to insert malicious JavaScript in the WYSIWYG editor.
Steps to reproduce the vulnerability
Affected in Bludit v3.10.0
We inserted a simple HTML+JavaScript for the PoC.
As a result, we could insert malicious JavaScript in the WYSIWYG editor.
But the CMS had set HttpOnly when the web application issued a token to the web browser, so the attacker couldn't steal the cookie.
But the attacker can still craft malicious JavaScript to do anything, e.g. force every legitimate user to log out of the web application.
As a result, we could force legitimate users to log out.
Bludit version
Affected in Bludit v3.10.0
PHP version
PHP Version 7.1.33
Hi, yes, it's allowed to insert JavaScript code in the pages; it's not a bug. Regards
You should be sanitizing user input. In the various situations, assume every user is a malicious user or has been compromised. In this case, the application should allow only some attributes, e.g. as TinyMCE or CKEditor do.
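As an added illustration of the allowlist approach suggested in the comment above (example code written for this page, not Bludit's own code; the function names, the tag and attribute allowlists and the sample input are assumptions made for the demo), here is a server-side sanitizer in PHP that strips script elements, event-handler attributes and javascript: URLs from editor content before it is stored:

```php
<?php
// Added example, not Bludit's own code. Function names, the allowlists and the
// sample input are assumptions made for this demo.

function sanitizeEditorHtml(string $html): string
{
    // Elements an Editor/Author may keep, mapped to the attributes kept on each.
    // Anything else (script, iframe, object, style, on* handlers, ...) is dropped.
    $allowedTags = [
        'p' => [], 'br' => [], 'strong' => [], 'em' => [], 'u' => [],
        'h1' => [], 'h2' => [], 'h3' => [], 'ul' => [], 'ol' => [], 'li' => [],
        'blockquote' => [], 'pre' => [], 'code' => [],
        'a' => ['href', 'title'],
        'img' => ['src', 'alt', 'width', 'height'],
    ];
    // URL schemes permitted in href/src; javascript:, data:, vbscript: are rejected.
    $allowedSchemes = ['http', 'https', 'mailto'];

    $doc = new DOMDocument();
    $prevErrors = libxml_use_internal_errors(true);
    // The XML declaration forces UTF-8; the wrapper div gives the fragment one root.
    $doc->loadHTML(
        '<?xml encoding="utf-8" ?><div>' . $html . '</div>',
        LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD
    );
    libxml_clear_errors();
    libxml_use_internal_errors($prevErrors);

    $root = $doc->documentElement; // the wrapper div
    if ($root === null) {
        return '';
    }
    sanitizeChildren($root, $allowedTags, $allowedSchemes);

    // Serialise the cleaned children without the wrapper.
    $out = '';
    foreach ($root->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

function sanitizeChildren(DOMNode $parent, array $allowedTags, array $allowedSchemes): void
{
    // Snapshot the list: removing nodes while iterating the live NodeList skips siblings.
    foreach (iterator_to_array($parent->childNodes, false) as $child) {
        if ($child instanceof DOMElement) {
            $tag = strtolower($child->tagName);
            if (!isset($allowedTags[$tag])) {
                // Drop the element and everything inside it (<script>...</script> included).
                $parent->removeChild($child);
                continue;
            }
            foreach (iterator_to_array($child->attributes, false) as $attr) {
                $name = strtolower($attr->name);
                // libxml has already decoded entities here, so "&#106;avascript:" is
                // seen as "javascript:" by the scheme check.
                if (!in_array($name, $allowedTags[$tag], true)
                    || (($name === 'href' || $name === 'src')
                        && !urlSchemeAllowed($attr->value, $allowedSchemes))) {
                    $child->removeAttribute($attr->name);
                }
            }
            sanitizeChildren($child, $allowedTags, $allowedSchemes);
        } elseif (!($child instanceof DOMText)) {
            // Comments and processing instructions are not page content.
            $parent->removeChild($child);
        }
    }
}

function urlSchemeAllowed(string $url, array $allowedSchemes): bool
{
    // Browsers ignore control characters and whitespace inside the scheme,
    // so "java\tscript:" must be normalised before the check.
    $clean = preg_replace('/[\x00-\x20\x7f]+/', '', $url);
    if (preg_match('/^([a-z][a-z0-9+.\-]*):/i', $clean, $m)) {
        return in_array(strtolower($m[1]), $allowedSchemes, true);
    }
    return true; // relative URL, no scheme
}

// Constructed sample input of the kind the issue describes: ordinary markup
// with a script element, an event handler and a javascript: link mixed in.
$sample = '<p onmouseover="alert(1)">Hello <strong>world</strong></p>'
        . '<script>alert(document.cookie)</script>'
        . '<a href="jAva&#9;script:alert(1)">link</a>'
        . '<img src="x" onerror="alert(1)" alt="pic">';

echo sanitizeEditorHtml($sample), PHP_EOL;
```

Editor configuration in TinyMCE or CKEditor only shapes what the editor emits in the browser; an Author can submit arbitrary HTML to the save endpoint directly, so a filter like this has to run server-side on the content that is actually stored. Disallowed elements are dropped together with their contents here, which is the conservative choice; an unwrapping variant that keeps the text of unknown but harmless tags (div, span) is a reasonable alternative.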