Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

There is one XSS(stored) vulnerability that can get Cookies from other account #35

Closed
zzzskd opened this issue Aug 5, 2019 · 5 comments

Comments

@zzzskd
Copy link

zzzskd commented Aug 5, 2019

There exists XSS(stored) vulnerability in Rich Text Box.

The vulnerability replication process is as follows:

  1. Capture packets when you add picture through Rich Text Box.
  2. Then, change raw data into <img src="a" onerror="alert(document.cookie)" />.
  3. After successful saving,users' cookies will pop up.
@easysoft
Copy link
Collaborator

easysoft commented Aug 6, 2019

Thank you for your feedback. We will fix it in the next release.

@NicoleG25
Copy link

@easysoft was this issue ever addressed?
Please note that CVE-2019-14731 was assigned to this issue.
If it was addressed could you kindly point me to the fixing commit ?
Thanks in advance !

@reneeteng
Copy link
Collaborator

reneeteng commented Apr 23, 2020 via email

@0x10f2c
Copy link

0x10f2c commented Feb 15, 2021

Just trying to understand if this issue was resolved as this still seems to execute?

@reneeteng
Copy link
Collaborator

Just trying to understand if this issue was resolved as this still seems to execute?

Yes, this is resolved in 11.6.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants