XSS vulnerability in TextHTML plugin

Description:
A cross-site scripting (XSS) vulnerability was identified in the /pagepreview page.
User input is not properly sanitized before being reflected in the HTTP response.

Impact:
An attacker could craft a malicious URL that executes arbitrary JavaScript in the victim’s browser.

Recommendation:
Implement proper input validation and output encoding on both frontend and backend.

Note:
Detailed reproduction steps and screenshots have been shared with the maintainer privately.

You can reproduce the vulnerability by following the steps below.

1. Access to `/?pagePreview=1` and select TextHTML plugin.

<img width="1749" height="650" alt="Image" src="https://github.com/user-attachments/assets/d71ba0f6-bc17-44b3-b74e-7bbbc0d1b3cd" />

2. From the hamburger menu select edit button.

<img width="1731" height="848" alt="Image" src="https://github.com/user-attachments/assets/e8198f74-b5f5-4d23-9ef9-b8e6b6fd08b6" />

3. Insert payload and submit.

<img width="1152" height="732" alt="Image" src="https://github.com/user-attachments/assets/5a672336-af7b-47d8-9d05-fd7aabe24c88" />

4. Refresh the page and check the script is triggered.

<img width="1165" height="706" alt="Image" src="https://github.com/user-attachments/assets/156bb000-81b7-428f-b705-823ec1ef2f61" />

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

XSS vulnerability in TextHTML plugin #2405

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

XSS vulnerability in TextHTML plugin #2405

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions