wangking1 / gist:61bdd1967367301a950ffbb3d10386f3
Last active January 7, 2023 14:48
Stored XSS in Typora leads to arbitrary code execution
A cross-site scripting (XSS) vulnerability in Typora through 1.38 allows remote attackers to run arbitrary code via export from the editor.
Insert a payload such as a<svg onload="alert(/XSS/)"> (some text must precede the payload, otherwise it is not triggered) or a<select onfocus=alert(1) autofocus> into the text and transmit it to the victim. Guiding the victim to print the XXX MD file, export it to PDF, or convert it to an image format triggers the XSS vulnerability.
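
A pre-export check for the condition described above, as an added example that is not part of the original gist: it flags raw HTML in a Markdown file that is a script element or carries on* event-handler attributes, ignoring fenced code blocks. The names ActiveHtmlFinder, find_active_html and SAMPLE_MD are hypothetical, and the sample document is constructed.

```python
import re
from html.parser import HTMLParser

FENCE = re.compile(r"\s{0,3}(`{3,}|~{3,})")
TICKS = "`" * 3  # built this way so the sample can contain a code fence

# Constructed sample: the two payload shapes quoted in the report, a benign
# tag, and the same markup inside a fenced block (shown as text, not rendered).
SAMPLE_MD = "\n".join([
    "# Notes",
    'a<svg onload="alert(/XSS/)">',
    "a<select onfocus=alert(1) autofocus>",
    "Plain <b>bold</b> text.",
    TICKS + "html",
    '<svg onload="alert(1)">',
    TICKS,
])


class ActiveHtmlFinder(HTMLParser):
    """Records tags that are <script> or carry on* event-handler attributes."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        handlers = [name for name, _ in attrs if name.startswith("on")]
        if tag == "script" or handlers:
            self.hits.append((self.getpos()[0], tag, handlers))


def find_active_html(markdown):
    """Return (line, tag, handlers) for raw HTML outside fenced code blocks."""
    kept, fence = [], None
    for line in markdown.splitlines():
        m = FENCE.match(line)
        if m and fence is None:
            fence = m.group(1)[0]          # opening fence: remember its marker
        elif m and m.group(1)[0] == fence:
            fence = None                   # matching closing fence
        # Blank out fence lines and their contents so line numbers stay aligned.
        kept.append("" if (m or fence) else line)
    finder = ActiveHtmlFinder()
    finder.feed("\n".join(kept))
    finder.close()
    return finder.hits
```

Inline code spans and indented code blocks are not excluded, so the check errs toward flagging; any hit is a reason to review the file before printing or exporting it.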