XSS vulnerability found in the Wechatsync markdown preview page

Open jackfromeast opened this issue 5 months ago • 0 comments

Hi, Wechatsync developer!

Currently, the markdown rendering page does not sanitize user input for scripts, which can lead to Cross-site Scripting (XSS) in the markdown preview page.

Payload

<img src=1 onerror="javascript:alert(document.domain)">

PoC

tmp

Impact

Users of Wechatsync who open untrusted markdown files on the platform (i.e., https://www.wechatsync.com/md/) are vulnerable to XSS attacks.

Note that, since the project doesn't set a security policy, I am reporting the vulnerability here directly.

jackfromeast, Sep 27 '24 01:09
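
An added example, not part of the original report or Wechatsync's code: an allowlist filter applied to the HTML a markdown renderer emits, before that HTML is inserted into a preview page, so the reported `onerror` attribute never reaches the DOM. The allowlist and the names `sanitizeRenderedHtml` and `isSafeUrl` are assumptions made for illustration; a maintained sanitizer such as DOMPurify applies the same principle on a real DOM.

```javascript
// Added example: allowlist filter for HTML emitted by a markdown renderer.
// The allowlist and all function names are assumptions, not Wechatsync code.
const ALLOWED = new Map(Object.entries({
  a: ['href', 'title'], img: ['src', 'alt', 'title'],
  p: [], br: [], em: [], strong: [], code: [], pre: [], blockquote: [],
  ul: [], ol: [], li: [], h1: [], h2: [], h3: [],
}));
const URL_ATTRS = new Set(['href', 'src']);
// A complete tag, or a stray angle bracket that must be escaped.
const TAG = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)((?:"[^"]*"|'[^']*'|[^'">])*)>|[<>]/g;
const ATTR = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'=<>`]+)))?/g;

function isSafeUrl(value) {
  // Browsers ignore whitespace and control characters inside a scheme name.
  const head = value.replace(/[\u0000-\u0020]/g, '').split(/[\/?#]/)[0];
  if (head.includes('&')) return false;   // could hide an entity-encoded ':'
  if (!head.includes(':')) return true;   // relative URL, no scheme
  return ['http', 'https', 'mailto'].includes(head.split(':')[0].toLowerCase());
}

const escAttr = (s) =>
  s.replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');

function sanitizeRenderedHtml(html) {
  return html.replace(TAG, (match, slash, name, rawAttrs) => {
    if (name === undefined) return match === '<' ? '&lt;' : '&gt;';
    const tag = name.toLowerCase();
    if (!ALLOWED.has(tag)) return '';             // drop the tag, keep its text
    if (slash) return `</${tag}>`;
    let out = `<${tag}`;                          // rebuild the tag from scratch
    for (const m of rawAttrs.matchAll(ATTR)) {
      const attr = m[1].toLowerCase();
      const value = m[2] ?? m[3] ?? m[4] ?? '';
      if (!ALLOWED.get(tag).includes(attr)) continue;   // onerror, style, ...
      if (URL_ATTRS.has(attr) && !isSafeUrl(value)) continue;
      out += ` ${attr}="${escAttr(value)}"`;
    }
    return out + '>';
  });
}

// Constructed sample: the payload from the report inside a rendered paragraph.
const rendered = '<p>hi <img src=1 onerror="javascript:alert(document.domain)"></p>';
console.log(sanitizeRenderedHtml(rendered));      // -> <p>hi <img src="1"></p>
```

The filter rebuilds every tag from parsed, allowlisted parts instead of deleting known-bad patterns, so an unrecognised attribute or tag is dropped by default.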