GitHawkApp / GitHawk

The (second) best iOS app for GitHub.
http://githawk.com
MIT License

XSS vulnerability in issue markdown #2737

Open brettinternet opened 5 years ago

brettinternet commented 5 years ago

HTML input in issue comments isn't sanitized. This is a potential XSS vulnerability. I know GitHub markdown supports some HTML, but I believe there is a blacklist of elements like script tags that should at least be neutralized.

I've tested this on iOS 12.3.1 and GitHawk 1.27.2. To test, please visit this issue via GitHawk.


XSS Demo

Sanitizing untrusted HTML (to prevent XSS) with a configuration specified by a whitelist is good practice.

Demo links: https, ftp, other link 1, other link 2, other link 3, javascript link
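The whitelist approach the issue recommends, as an added example that is not GitHawk's code and not part of the original issue. GitHawk itself is a Swift app; JavaScript is used here only to show the technique against the kind of markup the demo above exercises (an `https` link, an `ftp` link, a `javascript:` link, and a script tag). The allowed tag set, allowed attributes and allowed URL schemes are assumptions chosen for the example; `ftp:` is rejected under this policy, which is a choice, not a fact about GitHub's renderer. The sample inputs are constructed.

```javascript
// Whitelist-based HTML sanitizer, illustrative only (not GitHawk code).
// Rule: anything not explicitly allowed is dropped or escaped.
// The policy below is an assumption for the example.
const ALLOWED_TAGS = {
  a: ["href", "title"], b: [], i: [], em: [], strong: [], code: [], pre: [],
  p: [], br: [], ul: [], ol: [], li: [], blockquote: [], del: [], s: [],
};
const VOID_TAGS = new Set(["br"]);
const ALLOWED_SCHEMES = new Set(["http", "https", "mailto"]); // ftp, data, javascript: rejected
const ENTITY_NAMES = { amp: "&", lt: "<", gt: ">", quot: '"', apos: "'" };

// Decode the entities a browser would decode inside an attribute value, so
// "&#106;avascript:" is checked as "javascript:" rather than slipping through.
function decodeEntities(s) {
  return s.replace(/&(#x[0-9a-f]+|#[0-9]+|[a-z]+);/gi, (m, body) => {
    if (body[0] === "#") {
      const code = body[1].toLowerCase() === "x"
        ? parseInt(body.slice(2), 16) : parseInt(body.slice(1), 10);
      return Number.isFinite(code) && code <= 0x10ffff ? String.fromCodePoint(code) : m;
    }
    return ENTITY_NAMES[body.toLowerCase()] ?? m;
  });
}

function escapeHtml(s) {
  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;")
          .replace(/>/g, "&gt;").replace(/"/g, "&quot;");
}

// Returns the (decoded) URL if its scheme is on the allow-list or it is a plain
// relative URL; returns null otherwise. Browsers ignore ASCII control characters
// inside the scheme ("java\tscript:" is live), so the check runs on a cleaned copy.
function safeUrl(url) {
  url = url.trim();
  const cleaned = url.replace(/[\u0000-\u0020\u007f]/g, "");
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  if (!m) return cleaned.startsWith("//") ? null : url; // protocol-relative also rejected
  return ALLOWED_SCHEMES.has(m[1].toLowerCase()) ? url : null;
}

function sanitizeHtml(input) {
  const out = [];
  const open = [];        // stack of currently open allowed tags, closed at the end
  let skipUntil = null;   // set while inside <script>/<style>: their text is dropped too
  const tagRe = /<!--[\s\S]*?-->|<\/?([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>/g;
  const attrRe = /([^\s=\/"'>]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  const emitText = (t) => { if (t && !skipUntil) out.push(escapeHtml(t)); };
  let last = 0, m;
  while ((m = tagRe.exec(input)) !== null) {
    emitText(input.slice(last, m.index));
    last = tagRe.lastIndex;
    if (m[1] === undefined) continue;                 // HTML comment: dropped
    const name = m[1].toLowerCase();
    const closing = m[0][1] === "/";
    if (skipUntil) { if (closing && name === skipUntil) skipUntil = null; continue; }
    if (!(name in ALLOWED_TAGS)) {                     // not whitelisted: tag dropped
      if (!closing && (name === "script" || name === "style")) skipUntil = name;
      continue;
    }
    if (closing) {
      const i = open.lastIndexOf(name);
      if (i === -1) continue;                          // stray close tag
      while (open.length > i) out.push(`</${open.pop()}>`);
      continue;
    }
    const attrs = [];
    let a;
    attrRe.lastIndex = 0;
    while ((a = attrRe.exec(m[2])) !== null) {
      const attr = a[1].toLowerCase();
      if (!ALLOWED_TAGS[name].includes(attr)) continue; // on* handlers, style, etc. dropped
      let value = decodeEntities(a[2] ?? a[3] ?? a[4] ?? "");
      if (attr === "href") { value = safeUrl(value); if (value === null) continue; }
      attrs.push(` ${attr}="${escapeHtml(value)}"`);
    }
    out.push(`<${name}${attrs.join("")}>`);
    if (!VOID_TAGS.has(name)) open.push(name);
  }
  emitText(input.slice(last));
  while (open.length) out.push(`</${open.pop()}>`);
  return out.join("");
}

// Constructed sample in the shape of the issue's demo (not the original markup).
const SAMPLE = '<script>alert(1)</script><a href="https://example.com">https</a> ' +
  '<a href="ftp://example.com/">ftp</a> <a href="&#106;ava&#x09;script:alert(1)">javascript link</a>' +
  '<img src=x onerror=alert(1)><b onmouseover="x()">bold';

if (typeof require !== "undefined" && require.main === module) {
  console.log(sanitizeHtml(SAMPLE));
}
```

The tokenizer is regex based and does not implement the full HTML parsing algorithm, so it illustrates the policy (whitelist tags and attributes, allow-list URL schemes, decode entities before checking, drop script/style bodies, close dangling tags) rather than being a drop-in sanitizer; in a real client the same policy would be enforced with a proper HTML parser or an established sanitizer library.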

BasThomas commented 5 years ago

I'm not entirely sure what you're referring to — can you post an example?

brettinternet commented 5 years ago

Hi @BasThomas, I've updated the issue with a better explanation and a replicable example.