Описание
VBScript Content Injection in marked
Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set.
Proof of Concept ( IE10 Compatibility Mode Only )
[xss link](vbscript:alert(1))
will get a link
<a href="vbscript:alert(1)">xss link</a>
Recommendation
Update to version 0.3.3 or later.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-1370
- https://github.com/chjj/marked/issues/492
- https://github.com/markedjs/marked/issues/492
- https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba
- https://github.com/markedjs/marked/commit/fc372d1c6293267722e33f2719d57cebd67b3da1
- https://www.npmjs.com/advisories/24
- https://www.npmjs.com/advisories/24/versions
- http://www.openwall.com/lists/oss-security/2015/01/23/2
Пакеты
Наименование
marked
npm
Затронутые версииВерсия исправления
< 0.3.3
0.3.3
Связанные уязвимости
ubuntu
около 11 лет назад
Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks via a vbscript tag in a link.
nvd
около 11 лет назад
Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks via a vbscript tag in a link.
debian
около 11 лет назад
Incomplete blacklist vulnerability in marked 0.3.2 and earlier for Nod ...