Simplemde-markdown-editor: XSS Vulnerability

Created on 30 Nov 2018  路  3Comments  路  Source: sparksuite/simplemde-markdown-editor

XSS Vulerability detected:
I tried using Inject an XSS query in simple MDE, By creating a link as following.
[XSS](javascript:alert%28sessionStorage.clear%28%29%29)
and it works as following:
This converted into a link, that clears users sessionStorage in this example while clicking

Most helpful comment

Until this is fixed, you can enable the sanitize marked option.

You can do this in the last version, which is not in Master branch, so you need to build simplemde files from sources:

git clone https://github.com/sparksuite/simplemde-markdown-editor.git
cd simplemde-markdown-editor
npm install --save-dev
gulp

Note that as I write this text, the current gulpfile doesn't support gulp4. If my pull request to fix this is not merged as the time you read this, you must edit the gulpfile too (just see the PR diff).

Then, copy simplemde-markdown-editor/dist/simplemde.min.css and simplemde-markdown-editor/dist/simplemde.min.js to your project.

Finally, set sanitize rule to true:

var simplemde = new SimpleMDE(
     {
        renderingConfig: {
            markedOptions: {
                sanitize: true
            }
        },
        element: $('#articleContent')[0]
    });

All 3 comments

you should be setting your marked parse options to sanitize

Hi @dantrevino
I did not find any configuration to set it equal to sanitize. Please let me know how to mark parse options to sanitize ?. I am looking here for configuration https://github.com/sparksuite/simplemde-markdown-editor#configuration

Until this is fixed, you can enable the sanitize marked option.

You can do this in the last version, which is not in Master branch, so you need to build simplemde files from sources:

git clone https://github.com/sparksuite/simplemde-markdown-editor.git
cd simplemde-markdown-editor
npm install --save-dev
gulp

Note that as I write this text, the current gulpfile doesn't support gulp4. If my pull request to fix this is not merged as the time you read this, you must edit the gulpfile too (just see the PR diff).

Then, copy simplemde-markdown-editor/dist/simplemde.min.css and simplemde-markdown-editor/dist/simplemde.min.js to your project.

Finally, set sanitize rule to true:

var simplemde = new SimpleMDE(
     {
        renderingConfig: {
            markedOptions: {
                sanitize: true
            }
        },
        element: $('#articleContent')[0]
    });
Was this page helpful?
0 / 5 - 0 ratings