Stored XSS through Run Logs
A stored XSS vulnerability was identified in version 3.19.3 of the software, where terminal output logs are rendered through React's `dangerouslySetInnerHTML` prop. This issue was patched in a subsequent release.
Available publicly on Jul 12 2024
Threat Overview
The vulnerability arises from the use of React's `dangerouslySetInnerHTML` prop to display terminal output logs. This prop inserts its value into the page as raw HTML and does not neutralize input, allowing an attacker to inject malicious scripts into the logs. When a user views the logs, the malicious script is executed in their browser, potentially leading to unauthorized actions or data exposure.
Attack Scenario
An attacker could exploit this vulnerability by injecting a malicious script into the terminal output logs. For example, they could run a script that logs a payload like `<image src/onerror=prompt(8)>`. When another user navigates to the logs tab for that run, the script would execute, potentially compromising the user's session or stealing sensitive information.
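The rendering pattern described above next to a hardened form, as an added example that is not the project's code or its actual patch. The function names, the CSS class names and the assumption that logs need ANSI colour markup (a common reason for rendering log text as HTML) are hypothetical.

```javascript
// Added example; all names here are hypothetical, not taken from the affected project.

// Escape the characters that can change HTML parsing context.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: raw log text is handed to dangerouslySetInnerHTML as markup.
function renderLogUnsafe(line) {
  return { __html: line };
}

// Allowlist of ANSI SGR colour codes mapped to CSS classes (assumed styling).
const SGR_CLASSES = { 31: 'log-red', 32: 'log-green', 33: 'log-yellow' };

// Hardened form: every text segment is escaped, so the only tags in the
// result are the <span> elements this function generates itself.
function renderLogSafe(line) {
  const sgr = /\x1b\[(\d+)m/g;
  let html = '';
  let open = false;
  let last = 0;
  let m;
  while ((m = sgr.exec(line)) !== null) {
    html += escapeHtml(line.slice(last, m.index));
    last = sgr.lastIndex;
    if (open) { html += '</span>'; open = false; }
    const cls = SGR_CLASSES[Number(m[1])];
    if (cls) { html += `<span class="${cls}">`; open = true; }
  }
  html += escapeHtml(line.slice(last));
  if (open) html += '</span>';
  return { __html: html };
}

// Constructed sample log lines; the second is the payload quoted in the advisory.
const sampleLines = [
  '\x1b[32mbuild ok\x1b[0m',
  '<image src/onerror=prompt(8)>',
  '\x1b[31m<b>failed</b>',
];
```

When no markup is needed at all, rendering the log line as a plain React text child (`{line}`) avoids `dangerouslySetInnerHTML` entirely, since React escapes text children.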
Who is affected
Users of version 3.19.3 of the software who view terminal output logs in the logs tab are affected by this vulnerability.