geneontology / amigo

AmiGO is the public interface for the Gene Ontology.
http://amigo.geneontology.org
BSD 3-Clause "New" or "Revised" License

Possible self-XSS vulnerability in matrix tool #647

Open kltm opened 2 years ago

kltm commented 2 years ago

It is currently possible to inject possibly problematic code into the matrix interface that might be approaching an exploitable XSS attack for users (self-XSS). For example, unsanitized around:

// Clear the info panel, then rebuild it from string concatenation.
// xn.name, xn.id, yn.name, yn.id and sbc are inserted into the HTML
// unescaped, so any markup they carry is parsed as markup by append().
jQuery("#info").empty();
jQuery("#info").append("x: <b>" + xn.name + "</b> (" + xn.id + ")");
jQuery("#info").append("<br />");
jQuery("#info").append("y: <b>" + yn.name + "</b> (" + yn.id + ")");
jQuery("#info").append("<br />");
jQuery("#info").append("SBC: <b>" + sbc + "</b>");
jQuery("#info").show();

or, for example, entering the following ID:

<script>alert()</script>

Currently, tagged as enhancement; will recode as showstopper if this gets elevated by security.


Two known parts, and one notice:
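The following is an added example, not code from the AmiGO repository or from this issue: it builds the same "#info" panel markup two ways, once by the string concatenation quoted above and once with each value HTML-escaped first, and runs both over constructed sample nodes whose ID carries the `<script>alert()</script>` string from the issue. The node objects, the `sbc` value and the function names are assumptions for the demonstration.

```javascript
// Added example (not AmiGO code). Sample node objects and sbc are constructed.

// Minimal HTML escaper for text placed inside element content.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable form: mirrors the concatenation in the issue. Markup inside a
// node name or ID becomes part of the document once the string is appended.
function renderInfoUnsafe(xn, yn, sbc) {
  return "x: <b>" + xn.name + "</b> (" + xn.id + ")" + "<br />" +
         "y: <b>" + yn.name + "</b> (" + yn.id + ")" + "<br />" +
         "SBC: <b>" + sbc + "</b>";
}

// Hardened form: every data value is escaped before it enters the markup,
// so the payload is rendered as visible text rather than parsed as a tag.
function renderInfoSafe(xn, yn, sbc) {
  return "x: <b>" + escapeHtml(xn.name) + "</b> (" + escapeHtml(xn.id) + ")" + "<br />" +
         "y: <b>" + escapeHtml(yn.name) + "</b> (" + escapeHtml(yn.id) + ")" + "<br />" +
         "SBC: <b>" + escapeHtml(sbc) + "</b>";
}

// Constructed sample input: the y node's ID carries the string from the issue.
const sampleX = { name: "biological_process", id: "GO:0008150" };
const sampleY = { name: "cellular_component", id: "<script>alert()</script>" };
const sampleSbc = 42;

// Detection helper: does the rendered HTML still contain a script tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log("unsafe carries tag:", containsScriptTag(renderInfoUnsafe(sampleX, sampleY, sampleSbc)));
console.log("safe carries tag:  ", containsScriptTag(renderInfoSafe(sampleX, sampleY, sampleSbc)));
```

With jQuery the same effect is obtained by creating the `<b>` elements and filling them with `.text(...)` instead of concatenating values into the string handed to `.append()`.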