[SECURITY VULNERABILITY] In your codebase are some references of the cdn com polyfill com io service

MustardChef / WSABuilds

Run Windows Subsystem For Android on your Windows 10 and Windows 11 PC using prebuilt binaries with Google Play Store (MindTheGapps) and/or Magisk or KernelSU (root solutions) built in.

GNU Affero General Public License v3.0

6.91k stars 1.2k forks source link

[SECURITY VULNERABILITY] In your codebase are some references of the cdn com polyfill com io service #399

Closed PriNova closed 3 days ago

PriNova commented 3 days ago

Describe the bug

Two of your html files are using the cdn.polyfill.io service which is known to inject malicious code.

MagiskOnWSA/docs/Issues.html

MagiskOnWSA/DLL/docs/Issues.html

Steps to reproduce the issue

https://x.com/WeldPond/status/1805973940642119900

Expected behaviour

Use the polyfill service from cloudflare

Downloaded Build Of WSA

n/a

Windows build number

n/a

PC Specification

n/a

Additional context

No response

MustardChef commented 3 days ago

Corresponding files have been deleted. Please also notify the creator of the HTML Files of this vulnerability, so that they can take action (https://github.com/YT-Advanced/WSA-Script).

Thank you, MustardChef.

PriNova commented 3 days ago

Done.

Thank you for your lightning fast reaction.

MustardChef commented 3 days ago

Since this issue has been resolved, I shall now close this issue. Thanks again for bringing this to my attention.