Closed huntr-helper closed 3 years ago
@pratu16x7 @scmmishra - let me know if you have any thoughts or questions, cheers!
@JamieSlome @huntr-helper Can you please follow the PR template. I see a lot of irrelevant links to your site, while I appreciate the spirit of your contribution, I'd like the PR description to be on point only.
$25 Stonks
@scmmishra, if you want more security fixes and patches like this in the future, you can let security researchers know that they can win bounties protecting your repository by copying this small code snippet into your README.md:
[![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
https://huntr.dev/users/arjunshibu has fixed the Cross-site Scripting (XSS) vulnerability. arjunshibu has been awarded $25 for fixing the vulnerability through the huntr bug bounty program. Think you could fix a vulnerability like this?
Get involved at https://huntr.dev/
| Q | A |
| --- | --- |
| Version Affected | ALL |
| Bug Fix | YES |
| Original Pull Request | https://github.com/418sec/charts/pull/1 |
| GitHub Issue | https://github.com/frappe/charts/issues/313 |
| Vulnerability README | https://github.com/418sec/huntr/blob/master/bounties/npm/frappe-charts/1/README.md |
User Comments:

:bar_chart: Metadata *

frappe-charts is vulnerable to Cross-Site Scripting (XSS).

Bounty URL: https://www.huntr.dev/bounties/1-npm-frappe-charts

:gear: Description *

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.

:computer: Technical Description *

While rendering charts, the package is validating all object fields except `name` in the `datasets` array, which allows malicious code execution. The fix is implemented by properly validating the `name` field to escape malicious characters.

:bug: Proof of Concept (PoC) *

Steps To Reproduce

Use the payload

```
><img/	  src=~ onerror=alert('XSS')>
```

and place it in `name`.

References

:fire: Proof of Fix (PoF) *

+1 User Acceptance Testing (UAT)
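The technical description above, as an added example that is not part of the original report or of frappe-charts' source: a dataset validator that checks `values` but passes `name` through untouched, the hardened validator that HTML-escapes `name`, and a stand-in legend renderer that concatenates `name` into markup. The validator, renderer and `containsInjectedTag` helper are hypothetical illustrations of the pattern the report describes, not the library's API; the PoC payload is the one from the report.

```javascript
// Added example (not frappe-charts' own code): how an unescaped dataset `name`
// turns into injected markup, and how escaping it neutralises the payload.
// The validate/render functions are hypothetical stand-ins for whatever the
// library does with `name` when it builds legend or tooltip markup.

// Minimal HTML escaper for text that will be placed in element content or
// inside a double-quoted attribute. Escapes the five characters that can
// terminate a text node or an attribute value.
function escapeHTML(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Validation as described in the report: the numeric `values` are checked,
// but `name` passes through untouched (vulnerable behaviour, kept on purpose).
function validateDatasetVulnerable(dataset) {
  const values = (dataset.values || []).map((v) => {
    const n = Number(v);
    if (!Number.isFinite(n)) throw new TypeError('values must be finite numbers');
    return n;
  });
  return { name: dataset.name, values };
}

// Fixed validation: `name` is coerced to a string and HTML-escaped at the
// validation boundary, so every downstream consumer that concatenates it into
// markup is safe, not just the one render path we happen to remember.
function validateDatasetFixed(dataset) {
  const checked = validateDatasetVulnerable(dataset);
  const name = checked.name == null ? '' : checked.name;
  return { name: escapeHTML(name), values: checked.values };
}

// Hypothetical legend renderer: builds HTML by string concatenation, which is
// exactly the pattern that makes an unescaped `name` exploitable.
function renderLegend(datasets) {
  return datasets.map((d) => `<div class="legend-item">${d.name}</div>`).join('');
}

// Does the markup contain any tag other than the legend wrapper itself, i.e.
// did a dataset name smuggle an element in?
function containsInjectedTag(markup) {
  const stripped = markup.replace(/<div class="legend-item">|<\/div>/g, '');
  return /<\s*[a-zA-Z]/.test(stripped);
}

// Constructed input using the PoC payload from the report (the tab and two
// spaces after the slash are part of the original payload).
const PAYLOAD = "><img/\t  src=~ onerror=alert('XSS')>";
const SAMPLE_DATASETS = [
  { name: 'Sales', values: [10, 20, 30] },
  { name: PAYLOAD, values: ['5', 15, 25] },
];

// Renders the constructed datasets through both validators and reports
// whether the payload survived as a live tag.
function demo() {
  const vulnerable = renderLegend(SAMPLE_DATASETS.map(validateDatasetVulnerable));
  const fixed = renderLegend(SAMPLE_DATASETS.map(validateDatasetFixed));
  return {
    vulnerableInjected: containsInjectedTag(vulnerable), // true: <img ... onerror=...> is live
    fixedInjected: containsInjectedTag(fixed),           // false: rendered as &lt;img ... &gt;
    fixedMarkup: fixed,
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(demo(), null, 2));
}
```

Escaping at the validation boundary mirrors what the report says the fix does (validate `name` so malicious characters are escaped). The alternative, when the renderer controls the DOM, is to never build markup from strings at all and set the label with `textContent` (or `createTextNode` for SVG), which needs no escaping; which of the two the merged patch in 418sec/charts#1 used is not shown on this page.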