Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUG: Component attributes data not sanitized properly leading to self XSS #391

Open
3 tasks done
DevKishan opened this issue Feb 7, 2025 · 0 comments
Open
3 tasks done

BUG: Component attributes data not sanitized properly leading to self XSS #391

DevKishan opened this issue Feb 7, 2025 · 0 comments

Comments

@DevKishan
Copy link

DevKishan commented Feb 7, 2025
edited
Loading

GrapesJS version

  • I confirm to use the latest version of GrapesJS

GrapesJS MJML version

  • I confirm to use the latest version of GrapesJS MJML

What browser are you using?

Chrome 126

Reproducible demo link

https://grapesjs.com/demo-mjml.html

Describe the bug

How to reproduce the bug?

  1. Go to https://grapesjs.com/demo-mjml.html
  2. Select any component
  3. Set component's id attribute's value to 123"></div><img src=x onerror=alert(1)>123

What is the expected behavior?
... The XSS code in the attribute's value should be sanitized and removed.

What is the current behavior?
... The XSS code executes and triggers an alert(as seen in this video). This happens only with GrapesJS MJML node module. With core GrapesJS editor the issue doesn't occur as seen here on core editor demo site.

Code of Conduct

  • I agree to follow this project's Code of Conduct
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DevKishan