[Issue 17391] New: SECURITY: XSS through DDOC comments
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed May 10 13:40:20 PDT 2017
https://issues.dlang.org/show_bug.cgi?id=17391
Issue ID: 17391
Summary: SECURITY: XSS through DDOC comments
Product: D
Version: D2
Hardware: x86_64
OS: Linux
Status: NEW
Severity: normal
Priority: P1
Component: dmd
Assignee: nobody at puremagic.com
Reporter: cpicard at openmailbox.org
DDOC comments are not escaped and this results in a XSS vulnerability.
Proof of concept:
test.d:
/// <script>alert(2)</script>
void f() {
return;
}
$ dmd -D test.d
$ firefox test.html -> an alert box appears
The security issue is clear although it requires manipulating the user to
compile and display malicious comments. But as compiling the documentation is
something many do before thoroughly reading the code it's still a valid
security issue.
Also, aside from that, it breaks valid documentation so there's a usability
issue as well.
--
More information about the Digitalmars-d-bugs
mailing list