
Exporting to PDF contains opportunities for XSS attacks #3178

Closed
fungo1024 opened this issue Jul 28, 2019 · 1 comment
Labels
security issue 🔑 Issue concerns Boostnote's security. Usually high priority.

Comments


fungo1024 commented Jul 28, 2019

Current behavior

Notes exported to PDF format are exposed to XSS attacks.

Expected behavior

Notes exported to PDF format are exposed to XSS attacks.

When there is code like this in the note:

```
% 3Cscript%3Ealert('XSS')%3C/script%3E
```

An XSS attack is triggered when the export-to-PDF function is used.
[screenshot: xss-payload1.png]

Steps to reproduce

1. Put the payload below into your notes.

   Payload:
   ```
   % 3Cscript%3Ealert('XSS')%3C/script%3E
   ```

   I took a screenshot:
   [screenshot: xss-payload.png]

2. Click the "Info" button in the upper right corner of the note and export the file in PDF format. This triggers the payload and opens a pop-up (alert) window, i.e. an XSS attack.

Environment

  • Version: 0.12.1
  • OS version and name: Microsoft Windows 10 Home, Chinese version
@Flexo013 Flexo013 added the security issue 🔑 Issue concerns Boostnote's security. Usually high priority. label Jul 28, 2019
@Flexo013 Flexo013 changed the title Notes Exported to PDF Format Is Existing XSS Attacks Exporting to PDF contains opportunities for XSS attacks Jul 28, 2019
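The defect class this report describes, shown as an added example that is not Boostnote's code: note text is turned back into raw markup and concatenated into the HTML document handed to the PDF renderer, so markup in the note executes in the renderer. The percent-decoding step (`decodeNoteText`), the builder functions and the `containsActiveContent` tripwire are all hypothetical names assumed for illustration; the sample note is constructed from the payload shape in the report. The hardened builder escapes every user-controlled string at the point where it meets the HTML.

```javascript
// Added example, not Boostnote's code. Models the report's failure pattern:
// decoded note text is interpolated into the export HTML unescaped.

// Constructed sample note, using the payload shape from the report
// (percent-encoded, so it passes through text handling untouched).
const SAMPLE_NOTE = [
  "# Meeting notes",
  "Action items:",
  "%3Cscript%3Ealert('XSS')%3C/script%3E",
].join("\n");

// Hypothetical pre-render step (assumption about the export pipeline):
// undo percent-encoding. Any step that turns stored text back into raw
// markup is where the trust boundary is crossed.
function decodeNoteText(text) {
  try {
    return decodeURIComponent(text);
  } catch (e) {
    // A malformed sequence (e.g. a lone '%') is left as-is instead of throwing.
    return text;
  }
}

// Minimal HTML escaping for text context: the characters that can open a
// tag, an entity or an attribute delimiter. Applied once, at interpolation.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (ch) => map[ch]);
}

// VULNERABLE: decoded note text is dropped straight into the document.
function buildExportHtmlUnsafe(noteText) {
  const body = decodeNoteText(noteText);
  return `<!doctype html><html><body><pre>${body}</pre></body></html>`;
}

// HARDENED: same pipeline, but the user-controlled string is escaped
// before it becomes part of the HTML string.
function buildExportHtmlSafe(noteText) {
  const body = escapeHtml(decodeNoteText(noteText));
  return `<!doctype html><html><body><pre>${body}</pre></body></html>`;
}

// Defensive tripwire a test suite or pre-export gate can run: does the
// document about to be printed contain anything the renderer would execute?
// Coarse by design; it detects the regression, it does not sanitize.
function containsActiveContent(html) {
  return /<\s*script\b|\bon[a-z]+\s*=|javascript\s*:/i.test(html);
}

function demo() {
  const unsafe = buildExportHtmlUnsafe(SAMPLE_NOTE);
  const safe = buildExportHtmlSafe(SAMPLE_NOTE);
  console.log("unsafe export has active content:", containsActiveContent(unsafe)); // true
  console.log("safe export has active content:", containsActiveContent(safe));     // false
  return { unsafe, safe };
}

demo();
```

Escaping at the interpolation point is the fix that removes the bug; a second, independent control in an Electron app is to load the export document in a window whose `webPreferences` has `javascript: false`, so that even a missed escape cannot run script while the PDF is printed. The tripwire regex belongs in the test suite for the export path, not in production, because a regex is not a parser and will miss encodings an escaper would not.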
@Flexo013 (Contributor)

Will be fixed in 0.13.0
