
Multiple XSS

Open sam2x opened this issue 10 years ago • 0 comments

Your wysiwyg editor is prone to multiple XSS security vulnerabilities via 'on' events (onclick, onerror, etc.), and potentially other attributes that let you inject javascript code. PoC: <img src='http://invalidimageurl.com/lakzelazkemlkazmlek' onerror='alert(document.cookie)'/>

XSS may let you steal sensitive session information, and thus, impersonate an authenticated user. I can't use this module since I need 'bullet-proof' user-input sanitization of a text-editor.

Ref: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

Regards

sam2x, Nov 01 '15 19:11
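The report above asks for sanitization that does not depend on spotting every dangerous attribute. The usual answer is an allowlist: re-serialise only the tags and attributes the editor is meant to produce, so `on*` handlers, `<script>` and `javascript:` URLs never reach the output regardless of how they are spelled. The following is an added example written for this page, not code from angular-wysiwyg or its author; the tag and attribute allowlist, the helper names and the sample inputs are all assumptions chosen for illustration. It runs the reporter's PoC through the sanitizer and also handles the encoding tricks a naive filter misses (uppercase attribute names, entity-encoded and whitespace-split scheme names).

```javascript
// Added example (not part of angular-wysiwyg): allowlist-based HTML sanitizer
// for WYSIWYG output. It rebuilds markup from known tags/attributes instead of
// searching for bad ones, so unknown tags and attributes vanish by construction.
// The tokenizer is deliberately simple and fails closed: anything malformed is
// emitted as escaped text. A production editor should use a maintained
// library such as DOMPurify; this block shows the principle, not a drop-in.

// Assumed editor vocabulary: tag -> attributes it may carry (on* never appears).
const ALLOWED = new Map([
  ['p', []], ['br', []], ['b', []], ['i', []], ['u', []], ['strong', []],
  ['em', []], ['ul', []], ['ol', []], ['li', []], ['blockquote', []],
  ['a', ['href']], ['img', ['src', 'alt']],
]);
const VOID = new Set(['br', 'img']);
const SAFE_SCHEMES = new Set(['http', 'https', 'mailto']);

// Named references decoded alongside numeric ones. &colon; matters because
// "javascript&colon;" becomes "javascript:" once the browser decodes it.
const NAMED_ENTITIES = new Map([
  ['amp', '&'], ['lt', '<'], ['gt', '>'], ['quot', '"'], ['apos', "'"], ['colon', ':'],
]);

function decodeEntities(s) {
  return s.replace(/&(#x[0-9a-f]+|#\d+|[a-z]+);/gi, (whole, body) => {
    if (body[0] === '#') {
      const hex = body[1].toLowerCase() === 'x';
      const code = parseInt(hex ? body.slice(2) : body.slice(1), hex ? 16 : 10);
      return Number.isFinite(code) && code <= 0x10ffff ? String.fromCodePoint(code) : whole;
    }
    const named = NAMED_ENTITIES.get(body.toLowerCase());
    return named !== undefined ? named : whole;
  });
}

function escapeHtml(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
          .replace(/"/g, '&quot;').replace(/'/g, '&#39;');
}

// Accept an already-decoded URL only if it is scheme-less (relative) or uses an
// allowlisted scheme. Control characters and whitespace are stripped first
// because browsers ignore them inside a scheme ("java\tscript:" still runs).
function isSafeUrl(decoded) {
  const cleaned = decoded.replace(/[\u0000-\u0020]/g, '').toLowerCase();
  const scheme = /^([a-z][a-z0-9+.-]*):/.exec(cleaned);
  return scheme === null || SAFE_SCHEMES.has(scheme[1]);
}

// Parse name="v", name='v', name=v and bare name out of a tag body.
function parseAttrs(body) {
  const attrs = Object.create(null);
  const re = /([^\s=\/>]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;
  let m;
  while ((m = re.exec(body)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

function sanitizeHtml(input) {
  const tagRe = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*)>/g;
  let out = '';
  let last = 0;
  let m;
  while ((m = tagRe.exec(input)) !== null) {
    // Text between tags: normalise entities, then escape again.
    out += escapeHtml(decodeEntities(input.slice(last, m.index)));
    last = tagRe.lastIndex;
    const tag = m[2].toLowerCase();
    const allowedAttrs = ALLOWED.get(tag);
    if (allowedAttrs === undefined) continue; // <script>, <iframe>, ... dropped; their text stays escaped
    if (m[1] === '/') {
      if (!VOID.has(tag)) out += `</${tag}>`;
      continue;
    }
    const attrs = parseAttrs(m[3]);
    let rendered = `<${tag}`;
    for (const name of allowedAttrs) { // iterate the allowlist, never the input's attribute names
      if (!(name in attrs)) continue;
      const value = decodeEntities(attrs[name]);
      if ((name === 'href' || name === 'src') && !isSafeUrl(value)) continue;
      rendered += ` ${name}="${escapeHtml(value)}"`;
    }
    out += rendered + (VOID.has(tag) ? ' />' : '>');
  }
  return out + escapeHtml(decodeEntities(input.slice(last)));
}

// The PoC from the report: the onerror handler is gone, the image survives.
const poc = "<img src='http://invalidimageurl.com/lakzelazkemlkazmlek' onerror='alert(document.cookie)'/>";
console.log(sanitizeHtml(poc));
```

Two design points worth noting: the loop walks the allowlist rather than the input's attribute list, so a handler can only survive by being on the allowlist, which `on*` never is; and URL checking happens after entity decoding and whitespace stripping, because the browser performs both before deciding whether `href` is a `javascript:` URL.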