This repository has been archived by the owner on Mar 9, 2021. It is now read-only.

XSS in recordingInfoPanel #8

Closed
quantiom opened this issue Feb 6, 2020 · 1 comment

quantiom commented Feb 6, 2020

Issue

On line 1072, `data` is declared as:

```js
const data = `Recording in ${SendAudioUtil.getChannelName(type)} (${SendAudioUtil.getGuildName(type)})`;
```

And `getChannelName` / `getGuildName` do not sanitize the name.
`data` is used to create the SendAudioUtil panel and is not sanitized either.

If you want to test this, you can rename a guild or channel to `<img src=x onerror=alert(1)>` and click the record button.

Result: [image]
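
The fix pattern for the report above, as an added example that is not part of the original issue or the plugin's code. The function names are hypothetical, and it assumes the panel is filled from an HTML string; the sample name is the one quoted in the report.

```javascript
// Added example: all function names here are hypothetical, not the plugin's.

// Escape the five characters that can change the HTML parsing context.
const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Same shape as the reported `data` string: the names are interpolated as-is.
// Fine as plain text, but markup in a name becomes markup if this string is
// parsed as HTML (for example assigned to innerHTML).
function recordingLabelText(channelName, guildName) {
  return `Recording in ${channelName} (${guildName})`;
}

// Fix 1: escape each untrusted name before it enters an HTML string.
function recordingLabelHtml(channelName, guildName) {
  return `Recording in ${escapeHtml(channelName)} (${escapeHtml(guildName)})`;
}

// Fix 2 (preferred when a DOM node is at hand): set textContent so the
// browser never parses the label as HTML at all.
function renderRecordingPanel(panelEl, channelName, guildName) {
  panelEl.textContent = recordingLabelText(channelName, guildName);
  return panelEl;
}

// Constructed sample input: the name used in the report.
const sampleName = "<img src=x onerror=alert(1)>";
console.log(recordingLabelText(sampleName, "guild")); // tag survives intact
console.log(recordingLabelHtml(sampleName, "guild")); // tag is inert text
```

Escaping belongs at the point where the string becomes HTML, so server-controlled names stay untouched everywhere else they are used.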

MKSx (Owner) commented Mar 14, 2020

Thanks, I got this last update

@MKSx MKSx closed this as completed Mar 14, 2020