
XSS vulnerability in issue markdown

Open brettinternet opened this issue 6 years ago • 2 comments

HTML input in issue comments isn't sanitized. This is a potential XSS vulnerability. I know GitHub markdown supports some HTML, but I believe there is a blacklist of elements like script tags that should at least be neutralized.

I've tested this on iOS 12.3.1 and GitHawk 1.27.2. To test, please visit this issue via GitHawk.


XSS Demo

Sanitizing untrusted HTML (to prevent XSS) with a whitelist-based configuration is good practice.

https ftp other link 1 other link 2 other link 3 javascript link

brettinternet avatar May 01 '19 07:05 brettinternet
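The whitelist approach the reporter recommends, as an added example (this is not GitHawk's code, and GitHawk is a Swift app; the tag, attribute and URL-scheme lists below are assumptions modelled on the HTML subset GitHub-flavoured markdown permits). Everything not on the allow-list is dropped: unknown tags lose their markup but keep their text, `script`/`style` lose their contents entirely, event-handler attributes are removed, and `href` values with a non-allowed scheme such as `javascript:` are stripped. The sample comment is constructed for the demo.

```python
"""Allow-list HTML sanitizer (added example, not GitHawk code)."""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allow-lists: anything not listed is removed from the output.
ALLOWED_TAGS = {"p", "br", "a", "b", "i", "em", "strong", "code", "pre",
                "ul", "ol", "li"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
ALLOWED_SCHEMES = {"http", "https", "mailto"}
VOID_TAGS = {"br"}
DROP_CONTENT_TAGS = {"script", "style"}  # contents dropped, not just the tags


def safe_href(value):
    """Return a cleaned href if its scheme is allowed (or relative), else None.

    Whitespace is removed first because browsers ignore tabs/newlines inside
    URLs, so 'java\\tscript:' would otherwise slip past a naive scheme check.
    """
    cleaned = "".join(value.split())
    scheme = urlparse(cleaned).scheme.lower()
    if scheme == "" or scheme in ALLOWED_SCHEMES:
        return cleaned
    return None


class AllowListSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.skip_depth = 0  # > 0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT_TAGS:
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return  # drop the tag itself; its text is still emitted by handle_data
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # removes onclick=, onerror=, style=, ...
            value = value or ""
            if name == "href":
                value = safe_href(value)
                if value is None:
                    continue  # e.g. javascript: links lose their href
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT_TAGS:
            self.skip_depth = max(0, self.skip_depth - 1)
            return
        if self.skip_depth or tag not in ALLOWED_TAGS or tag in VOID_TAGS:
            return
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip_depth:
            # Text is re-escaped, so '&lt;script&gt;' stays inert on output.
            self.out.append(escape(data, quote=False))


def sanitize(html):
    """Return an allow-listed rendering of untrusted HTML."""
    parser = AllowListSanitizer()
    parser.feed(html)
    parser.close()
    return "".join(parser.out)


# Constructed sample comment mixing benign markup with XSS attempts.
SAMPLE = (
    "<p>Hello <b>world</b></p>"
    "<script>alert(1)</script>"
    '<a href="https://example.com" onclick="alert(1)">https</a> '
    '<a href="javascript:alert(1)">javascript link</a> '
    '<img src=x onerror="alert(1)">'
    "<i>&lt;script&gt;</i>"
)

if __name__ == "__main__":
    print(sanitize(SAMPLE))
```

Running the block prints the cleaned comment: the `script` element and the `img` element are gone, the `https` link keeps its `href` but loses `onclick`, the `javascript:` link is left as a plain `<a>` with no `href`, and the escaped `&lt;script&gt;` text remains escaped. In the app this step belongs between markdown rendering and the web view that displays the result.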

I'm not entirely sure what you're referring to — can you post an example?

BasThomas avatar May 02 '19 19:05 BasThomas

Hi @BasThomas, I've updated the issue with a better explanation and a replicable example.

brettinternet avatar Jul 13 '19 08:07 brettinternet