Improper filtering of classes used in codeblocks in Markdown

Disclosed: 2014-07-08 10:00:25 By markijbema To security
Vulnerability Details
Redcarpet just uses the name of the language as the classname of the element. So if the classnames are of significance to the site, one can break the site using this. For instance, this report disables the topbar, and can trigger the user into opening a popup.

Proof of concept:

```js-topbar
i eat the topbar
```

```js-share-link
i open a popup
```
Report Stats
  • Report ID: 12815
  • State: Closed
  • Substate: resolved
  • Upvotes: 3
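
One way to filter the class names the report describes, as an added example that is not part of the original report and is not Redcarpet's or the site's own code. The allowlist, the `language-` prefix and the function names are assumptions; the logic could be called from wherever the renderer turns a fence's language name into a `class` attribute.

```ruby
# Constructed allowlist of highlighter languages (assumption; adjust per site).
ALLOWED_LANGUAGES = %w[ruby python javascript js html css shell bash json yaml].freeze

# Assumed prefix: keeps user-influenced classes in their own namespace so they
# can never equal a class the site's CSS or JavaScript hooks, such as "js-topbar".
CLASS_PREFIX = "language-"

HTML_ESCAPES = {
  "&" => "&amp;", "<" => "&lt;", ">" => "&gt;", '"' => "&quot;", "'" => "&#39;"
}.freeze

# Map the text after the opening fence to a class name, or nil when the
# language is not on the allowlist. Only the first whitespace-separated token
# is considered, and the comparison is case-insensitive.
def safe_code_class(info_string)
  token = info_string.to_s.strip.split(/\s+/).first
  return nil if token.nil?

  lang = token.downcase
  ALLOWED_LANGUAGES.include?(lang) ? "#{CLASS_PREFIX}#{lang}" : nil
end

# Render a code block. The class attribute is emitted only for allowlisted
# languages, and the code body is always HTML-escaped.
def render_code_block(code, info_string)
  klass = safe_code_class(info_string)
  attr = klass ? %( class="#{klass}") : ""
  escaped = code.to_s.gsub(/[&<>"']/, HTML_ESCAPES)
  "<pre><code#{attr}>#{escaped}</code></pre>"
end

# Constructed sample input: the two fences from the proof of concept plus a
# legitimate language name.
if __FILE__ == $PROGRAM_NAME
  [["i eat the topbar", "js-topbar"],
   ["i open a popup", "js-share-link"],
   ["puts 1 < 2", "ruby"]].each do |code, lang|
    puts render_code_block(code, lang)
  end
end
```
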