HTML Injection in filename #1720

claunch3r opened this issue Nov 12, 2024 · 1 comment
Labels
confirmed-bug Issues with confirmed bugs

Comments


claunch3r commented Nov 12, 2024

This issue is unique.

  • I have used the search tool and did not find an issue describing my bug.

Operating System

Linux (DEB package)

Version information

8.0.1.31

Expected Behavior

I was expecting to see that the file name would not be formatted.

Actual Behavior

The file name is formatted using HTML tags.

Reproduction Steps

  1. Create a file that contains an HTML tag in its name;
  2. Open this file using OnlyOffice;
  3. As a result, the file name will be formatted, leading to an HTML Injection vulnerability.

POC:
filename: <h1>test.xlsx (screenshot 1)
filename: <s>test.xlsx (screenshot 2)
filename: <ul><li>test.xlsx (screenshot 3)

Additional information

No response
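The reproduction steps above boil down to one rendering mistake: a filename is concatenated into an HTML template (or assigned via innerHTML) without escaping, so the tags in the name become live markup. The following is an added example illustrating that pattern and its fix; it is not OnlyOffice code, and the helper names (renderTitleUnsafe, renderTitleSafe, escapeHtml, countTags, allPocsEscaped) and the doc-title template are assumptions made for the illustration, not the project's own functions.

```javascript
// Added example (not OnlyOffice code): how a filename ends up interpreted as
// markup, and the escaping that prevents it. The template and helper names are
// hypothetical stand-ins for whatever the real title widget does.

// Constructed sample inputs, shaped like the filenames reported in the issue.
const POC_FILENAMES = ['<h1>test.xlsx', '<s>test.xlsx', '<ul><li>test.xlsx', 'plain.xlsx'];

// Vulnerable pattern: raw string concatenation into an HTML template. Any tag
// carried by the filename becomes a real element once this string hits innerHTML.
function renderTitleUnsafe(filename) {
  return '<span class="doc-title">' + filename + '</span>';
}

// Hardened pattern: encode every character that can open or close markup or an
// attribute value. '&' goes first so the entities produced afterwards are not
// double-escaped.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

function renderTitleSafe(filename) {
  return '<span class="doc-title">' + escapeHtml(filename) + '</span>';
}

// Counts opening element tags in a rendered string. The wrapper span accounts
// for exactly one; anything above that means the filename was parsed as markup.
function countTags(html) {
  const m = html.match(/<[a-zA-Z][^>]*>/g);
  return m ? m.length : 0;
}

// Regression check a project could keep: every POC name must render with only
// the wrapper tag once escaped.
function allPocsEscaped() {
  return POC_FILENAMES.every((name) => countTags(renderTitleSafe(name)) === 1);
}

// Illustrative run over the constructed inputs.
for (const name of POC_FILENAMES) {
  console.log(name, '-> unsafe tags:', countTags(renderTitleUnsafe(name)),
              'safe tags:', countTags(renderTitleSafe(name)));
}
```

In a browser the equivalent fix is to assign the filename with textContent (or a framework's text binding) rather than innerHTML; escapeHtml is the string-level version for code paths that build HTML by hand.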

@ElenaMaaya

Hello @claunch3r !
Thank you for the report!
I can confirm that the problem exists. I created ticket 71725 in our issue tracker with your issue.

@Rita-Bubnova Rita-Bubnova added the confirmed-bug Issues with confirmed bugs label Nov 18, 2024