getgems-io / issues


XSS in social links block in NFT Collection & Profile #28

Closed LetikGit closed 2 years ago

LetikGit commented 2 years ago

Bug Type

Functional

Reproduction steps

via https://github.com/getgems-io/issues/issues/5

  1. Go to profile OR to create NFT Collection
  2. Place breakpoints to request (edit profile / create nft collection)
  3. Replace the URL param with the payload, for example {type: "Website", url: "javascript:alert(document.cookie)"}
  4. Send request
  5. Go to profile OR created NFT collection
  6. Click on link with payload from socialLinks component

Actual result

XSS

https://user-images.githubusercontent.com/48149254/191036521-a4b7fc71-008b-4326-9ad3-e7b8f804884c.mp4

Expected result

Don't allow "clear" links; add 'https' to the start

Suggested Severity

Vulnerability

Device

OS: macOS, Browser: Chrome, Version: 105

Additional Context

No response
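One way to implement the expected-result suggestion on the server side, as an added example that is not the project's own code: the `socialLinks` entries `{type, url}` from the report are validated with the WHATWG `URL` parser, scheme-less input gets `https://` prepended (the reporter's suggested fix), and any link whose scheme is not http(s), such as `javascript:` or `data:`, is dropped before it can reach an `<a href>`. Function names and the trimming/prepending behaviour are assumptions.

```javascript
// Added example (not Getgems' code): validate the socialLinks payload
// {type, url} before it is stored or rendered. Only absolute http(s) URLs
// survive; javascript:, data: and unparsable input return null.
const ALLOWED_SCHEMES = new Set(['http:', 'https:']);

function normalizeSocialLink(link) {
  if (!link || typeof link.url !== 'string' || typeof link.type !== 'string') {
    return null;
  }
  // Trim, then prepend https:// only when no scheme is present at all
  // (the reporter's suggestion). A present but forbidden scheme is rejected,
  // never rewritten, so "javascript:..." cannot become "https://javascript:...".
  let raw = link.url.trim();
  const hasScheme = /^[a-z][a-z0-9+.-]*:/i.test(raw);
  if (!hasScheme) raw = 'https://' + raw;

  let parsed;
  try {
    parsed = new URL(raw);
  } catch {
    return null; // not a valid absolute URL
  }
  // URL lowercases the scheme, so "JavaScript:" and "jAvAsCrIpT:" are caught too.
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) return null;
  if (!parsed.hostname) return null;

  // Store the serialized form so the rendered href is exactly what was checked.
  return { type: link.type, url: parsed.href };
}

function sanitizeSocialLinks(links) {
  return (Array.isArray(links) ? links : [])
    .map(normalizeSocialLink)
    .filter((l) => l !== null);
}
```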

LetikGit commented 2 years ago

Reported this problem over the weekend; together with the PO we decided that the problem can be disclosed publicly after the fix.