XSS Stored on the Network Services Panel (Token Management - Description)

[Ug0Security]

• I confirm that this is an issue rather than a question.

Bug report

Steps to reproduce

1- Go to the network config panel (login if necessary)

2- in the "Token description" input put an xss payload eg: <img src=foo onerror=alert(123)>

3- Create a new token and profit

---

What is expected?

User input should be escaped

What is actually happening?

You can put XSS payload which will be stored and executed each time you load the page

System

Hyperion Server:

• Build: (HEAD detached at b1a4e95) (Paulchen-Panther-975f969a/b1a4e95c-1626550299)
• Build time: Jul 17 2021 20:59:56
• Git Remote: https://github.com/hyperion-project/hyperion.ng
• Version: 2.0.0-alpha.10
• UI Lang: fr (BrowserLang: fr-FR)
• UI Access: default
• Avail Capt: dispmanx,v4l2,framebuffer,qt
• Database: read/write

Hyperion Server OS:

• Distribution: Raspbian GNU/Linux 10 (buster)
• Architecture: arm
• CPU Model: ARMv7 Processor rev 4 (v7l)
• CPU Type: Raspberry Pi 3 Model B Rev 1.2
• CPU Revision: a02082
• CPU Hardware: BCM2835
• Kernel: linux (5.10.17-v7+ (WS: 32))
• Qt Version: 5.7.1
• Python Version: 3.5.3
• Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36

Cheers