Skip to content

Exporting to PDF contains opportunities for XSS attacks #3178

New issue
New issue
Closed
Closed
Exporting to PDF contains opportunities for XSS attacks#3178
Labels
security issue 🔑Issue concerns Boostnote's security. Usually high priority.
@fungo1024

Description

@fungo1024
fungo1024
opened on Jul 28, 2019

Current behavior

Notes Exported to PDF Format Is Existing XSS Attacks.

Expected behavior

Notes Exported to PDF Format Is Existing XSS Attacks.

When there is a code in the note:

``` JavaScript
% 3Cscript%3Ealert('XSS')%3C/script%3E
```

XSS attacks are triggered when the export PDF function is reused.
xss-payload1.png

Steps to reproduce

1. Put the payload below into your notes.

  • Payload:
    ``` JavaScript
    % 3Cscript%3Ealert('XSS')%3C/script%3E
    ```

I cut a picture:
xss-payload.png

2. Click on the "Info" button in the upper right corner of the note to export the file in PDF format. This will trigger payload to generate a bullet window, that is, there is an XSS attack.

Environment

  • Version : 0.12.1
  • OS Version and name : Microsoft Windows 10 Home Chinese Version

Metadata

Metadata

Assignees

No one assigned

    Labels

    security issue 🔑Issue concerns Boostnote's security. Usually high priority.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions