decent-chat / decent

Open source messaging platform for the modern web
https://meta.decent.chat
GNU General Public License v3.0

[SECURITY] XSS in markdown parser for images #282

Closed joker314 closed 6 years ago

joker314 commented 6 years ago

This is a security issue.

Proof of concept

1) Enter a server
2) Type the following payload as a message

```markdown
![Click me please](javascript:alert``)
```

3) Click the broken image
4) Observe a pop-up box which proves that an XSS issue exists

This issue does not happen with links, so it's an oversight that no filtering occurs when linking images to their URLs.

Remediation

Do whatever you do when someone posts

```markdown
[Click me](javascript:alert``)
```

Because somehow that doesn't cause an XSS.

Impact

This is an important security issue as it compromises the security of this client. JavaScript from the payload has access to localStorage and so can do bad things.
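The fix the report asks for is to run image sources through the same URL check that links already get. The following is an added example of that check, not decent's own code: it allowlists schemes with the WHATWG `URL` parser (which strips leading whitespace and embedded tabs or newlines the same way browsers do, so `java\tscript:` and ` JavaScript:` are caught), and a minimal renderer applies it to both `[text](href)` and `![alt](src)`. The function names, the `https://placeholder.invalid/` base URL and the sample messages are constructed for this example.

```javascript
// Added example (not decent's own code): one scheme allowlist shared by
// link and image rendering. Relative URLs resolve against a placeholder
// base so "/uploads/a.png" and "https://example.test/a.png" take one path.
const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:']);
const RESOLVE_BASE = 'https://placeholder.invalid/'; // hypothetical base

// True only when the URL parses and its scheme is on the allowlist.
// The URL parser already removes leading/trailing C0 controls and any
// tab/newline, and lowercases the scheme, so obfuscated "javascript:"
// spellings end up with protocol "javascript:" and are rejected.
function isSafeUrl(raw) {
  if (typeof raw !== 'string') return false;
  let url;
  try {
    url = new URL(raw, RESOLVE_BASE);
  } catch {
    return false; // unparseable input is never emitted as an attribute
  }
  return ALLOWED_SCHEMES.has(url.protocol);
}

// Escape text before it is placed in HTML text or attribute context.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Unsafe sources degrade to the alt text: the message still shows, but
// carries no loadable or clickable URL.
function renderImage(alt, src) {
  if (!isSafeUrl(src)) return escapeHtml(alt);
  return `<img src="${escapeHtml(src)}" alt="${escapeHtml(alt)}">`;
}

function renderLink(text, href) {
  if (!isSafeUrl(href)) return escapeHtml(text);
  return `<a href="${escapeHtml(href)}" rel="noopener noreferrer">${escapeHtml(text)}</a>`;
}

// Minimal markdown pass covering only the two constructs from the report:
// images ![alt](src) and links [text](href). Everything else is escaped.
const IMAGE_OR_LINK = /(!?)\[([^\]]*)\]\(([^)]*)\)/g;

function renderMessage(markdown) {
  let out = '';
  let last = 0;
  for (const m of markdown.matchAll(IMAGE_OR_LINK)) {
    out += escapeHtml(markdown.slice(last, m.index));
    const [whole, bang, text, url] = m;
    out += bang ? renderImage(text, url) : renderLink(text, url);
    last = m.index + whole.length;
  }
  return out + escapeHtml(markdown.slice(last));
}

if (typeof require !== 'undefined' && require.main === module) {
  // Constructed sample messages: the report's payload and a benign image.
  console.log(renderMessage('![Click me please](javascript:alert``)'));
  console.log(renderMessage('![pic](https://example.test/a.png)'));
}
```

Because `renderImage` and `renderLink` call the same `isSafeUrl`, the image path can no longer drift from the link path, which is the oversight the report points at. If inline `data:` images are ever wanted, add that scheme to the allowlist deliberately and restrict it to image MIME types rather than relaxing the check globally.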