Miggo Logo

CVE-2021-28833: qiita-markdown Cross-site Scripting vulnerability

6.1

CVSS Score
3.1

Basic Information

EPSS Score
0.47285%
Published
8/2/2021
Updated
3/31/2023
KEV Status
No
Technology
TechnologyRuby

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
qiita-markdownrubygems< 0.34.00.34.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from two key points: 1) The Gist embed module explicitly allowed gist.github.com as a trusted host via SCRIPT_HOST constant. 2) This host was included in FilterScript's HOST_WHITE_LIST, disabling security sanitization for <script> tags from this domain. Attackers could craft malicious gist links that would execute arbitrary scripts due to this trust relationship. The fix removed both the Gist module reference and its whitelist entry, confirming these were the vulnerable components.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In*r*m*nts Qiit*::M*rk*own ***or* *.**.* *llows XSS vi* * *r**t** *ist link, * *i***r*nt vuln*r**ility t**n *V*-****-*****.

Reasoning

T** vuln*r**ility st*mm** *rom two k*y points: *) T** *ist *m*** mo*ul* *xpli*itly *llow** *ist.*it*u*.*om *s * trust** *ost vi* S*RIPT_*OST *onst*nt. *) T*is *ost w*s in*lu*** in *ilt*rS*ript's *OST_W*IT*_LIST, *is**lin* s**urity s*nitiz*tion *or <s