Open silviavali opened 6 years ago
Hello,
Why would you close an issue, without any information on the decision why you have marked it invalid? https://github.com/amitmerchant1990/electron-markdownify/issues/25
You have a nice blog post about the electorn-markdownify, and I think its is a good application. It would be a pity if you just leave the security issue in there and allow people to keep using it.
Please do check the security checklist for Electron to be aware of the consequences of code execution in Electron applications due to XSS. https://www.blackhat.com/docs/us-17/thursday/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf
In 90 days I'd disclose information on the issue, so I'm hoping for your collaboration in fixing the issue prior.
Thanks
Hey @silviavali
Please send the report to bullredeyes@gmail.com I'll take a look at it and will try to fix the same. Sorry for the very late follow up.
Thanks!
Hello,
Why would you close an issue, without any information on the decision why you have marked it invalid? https://github.com/amitmerchant1990/electron-markdownify/issues/25
You have a nice blog post about the electorn-markdownify, and I think its is a good application. It would be a pity if you just leave the security issue in there and allow people to keep using it.
Please do check the security checklist for Electron to be aware of the consequences of code execution in Electron applications due to XSS. https://www.blackhat.com/docs/us-17/thursday/us-17-Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf
In 90 days I'd disclose information on the issue, so I'm hoping for your collaboration in fixing the issue prior.
Thanks