
[SAST] DOM-based Cross-site Scripting (XSS)

Open alan-null opened this issue 1 month ago • 0 comments

ise.js https://github.com/SitecorePowerShell/Console/blob/248a7bc4e34c9a50e3709130408c62a90bc39e6c/src/Spe/sitecore%20modules/PowerShell/Scripts/ise.js#L841

reports.js https://github.com/SitecorePowerShell/Console/blob/248a7bc4e34c9a50e3709130408c62a90bc39e6c/src/Spe/sitecore%20modules/PowerShell/Scripts/reports.js#L14

console.js https://github.com/SitecorePowerShell/Console/blob/248a7bc4e34c9a50e3709130408c62a90bc39e6c/src/Spe/sitecore%20modules/PowerShell/Scripts/console.js#L247


Location:

Path: Sitecore.PowerShell.Extensions-8.0-Beta-2-IAR.scwdp/Content/Website/sitecore%20modules/PowerShell/Scripts/ise.js, line 841
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2-IAR.scwdp/Content/Website/sitecore%20modules/PowerShell/Scripts/reports.js, line 14
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2-IAR.scwdp/Content/Website/sitecore%20modules/PowerShell/Scripts/console.js, line 247
  
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2.scwdp/Content/Website/sitecore%20modules/PowerShell/Scripts/ise.js, line 841
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2.scwdp/Content/Website/sitecore%20modules/PowerShell/Scripts/reports.js, line 14
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2.scwdp/Content/Website/sitecore%20modules/PowerShell/Scripts/console.js, line 247
  
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2/files/sitecore%20modules/PowerShell/Scripts/ise.js, line 841
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2/files/sitecore%20modules/PowerShell/Scripts/reports.js, line 14
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2/files/sitecore%20modules/PowerShell/Scripts/console.js, line 247
  
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2-IAR/files/sitecore%20modules/PowerShell/Scripts/ise.js, line 841
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2-IAR/files/sitecore%20modules/PowerShell/Scripts/reports.js, line 14
Path: Sitecore.PowerShell.Extensions-8.0-Beta-2-IAR/files/sitecore%20modules/PowerShell/Scripts/console.js, line 247

Proof:

[Three scanner screenshots attached to the original issue; not reproduced here]

Info: Unsanitized input from data from a remote resource flows into innerHTML, where it is used to dynamically construct the HTML page on client side. This may result in a DOM Based Cross-Site Scripting attack (DOMXSS).

Resolution:

  • Stop using innerHTML for untrusted data; use textContent (or innerText) for plain text.
  • Use a well-maintained sanitizer (like DOMPurify) at the point of use.

alan-null, Nov 28 '25 09:11
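The sink pattern the scanner flags, beside the two resolutions the issue recommends, as an added example. This is not code from the SPE repository or from the issue author; it does not reproduce the flagged lines in ise.js, reports.js or console.js. To run outside a browser it uses a constructed stand-in for a DOM element (a plain object with `innerHTML` and `textContent` properties) and a constructed sample of "data from a remote resource"; `renderUnsafe`, `renderAsText`, `escapeHtml`, `renderWithTemplate` and `containsMarkup` are names chosen for this example.

```javascript
// Added example (not SPE project code): the innerHTML sink the SAST report
// describes, next to defensive alternatives.

// Constructed stand-in for a DOM element so the file runs under Node.
// In a page you would pass a real element from document.querySelector().
function makeElement() {
  return { innerHTML: "", textContent: "" };
}

// Constructed sample of a remote response body that a user could influence.
// The markup inside it is the point: a browser would execute the handler.
const REMOTE_SAMPLE = '<img src=x onerror="alert(1)">Report: Sales Q3';

// BEFORE: the pattern flagged by the scanner. Assigning to innerHTML hands the
// string to the HTML parser, so any tags or event-handler attributes in it
// become live DOM.
function renderUnsafe(el, remoteText) {
  el.innerHTML = remoteText; // sink: untrusted data -> innerHTML
  return el;
}

// AFTER, first resolution: textContent never invokes the HTML parser. The
// string is displayed literally, angle brackets included.
function renderAsText(el, remoteText) {
  el.textContent = remoteText;
  return el;
}

// AFTER, when markup must be assembled as a string: encode the characters HTML
// interprets before interpolating untrusted text. This is the minimal encoding
// for text nodes and for double-quoted attribute values; '&' goes first so
// already-encoded entities are not double-escaped.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

function renderWithTemplate(el, remoteText) {
  // Only the author-controlled <span> is markup; the untrusted part is inert.
  el.innerHTML = `<span class="report-name">${escapeHtml(remoteText)}</span>`;
  return el;
}

// If rich HTML from the remote source is genuinely required, the issue's
// second resolution applies: sanitize at the point of use, e.g.
//   el.innerHTML = DOMPurify.sanitize(remoteText);
// DOMPurify is not bundled here, so that path is not exercised in this file.

// Review-time check: does a string about to reach an HTML sink still contain
// markup characters or a bare ampersand? True for raw remote data, false after
// escapeHtml().
function containsMarkup(s) {
  return /[<>"']/.test(s) || /&(?!(amp|lt|gt|quot|#39);)/.test(s);
}
```

`renderUnsafe` is kept only so the three paths can be compared on the same input; in a real fix it is the function that gets deleted. `containsMarkup` is a cheap guard for unit tests or a pre-commit hook, not a substitute for choosing the right sink.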