CVE-2021-4272: studygolang vulnerable to cross-site scripting

CVSS Score (v3.1): 6.1

Basic Information

EPSS Score: 0.16495%
Published: 12/21/2022
Updated: 4/5/2023
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package Name: github.com/studygolang/studygolang
Ecosystem: go
Vulnerable Versions: <= 0.1.0
First Patched Version: not listed

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from processing user-controlled markdown content through the marked library without adequate sanitization before setting HTML content. The commit patch adds client-side tag replacement for <script>, <form>, etc., demonstrating the original code lacked these protections. The XSS occurs when unsanitized output from marked() is injected into DOM via $(this).html(contentHtml). While no explicit function name is given, the marked() processing chain in topics.js is the clear vulnerable point.
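
The data flow described above, as an added example that is not studygolang's code or its patch: `renderMarkdown` is a hypothetical stand-in for `marked()` (which by default passes inline HTML in the source through), and the sample input is constructed. It compares which tags reach the HTML sink with and without escaping the user's markdown first.

```javascript
// Hypothetical stand-in for marked(): handles paragraphs and **bold** only,
// and, like marked's default behaviour, leaves inline HTML untouched.
function renderMarkdown(src) {
  return src
    .split(/\n{2,}/)
    .map((p) => "<p>" + p.trim().replace(/\*\*(.+?)\*\*/g, "<strong>$1</strong>") + "</p>")
    .join("\n");
}

// Escape every HTML metacharacter so user input can only ever become text.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable flow: renderer output goes straight to the HTML sink
// (in the analysis above, $(this).html(contentHtml)).
function renderUnsafe(userMarkdown) {
  return renderMarkdown(userMarkdown);
}

// Hardened flow: escape first, then render, so the only tags in the
// result are the ones the renderer itself emits.
function renderEscaped(userMarkdown) {
  return renderMarkdown(escapeHtml(userMarkdown));
}

// Names of the opening tags in a rendered fragment, i.e. what the sink
// would turn into DOM elements.
function tagsIn(html) {
  return [...html.matchAll(/<\s*([a-zA-Z][a-zA-Z0-9]*)/g)].map((m) => m[1].toLowerCase());
}

// Constructed sample input: markdown with an embedded script element.
const sample = "**hello**\n\n<script>alert(1)</script>";

console.log("unsafe :", tagsIn(renderUnsafe(sample)).join(","));
console.log("escaped:", tagsIn(renderEscaped(sample)).join(","));
```

Escaping before rendering also disables markdown syntax that relies on `>` (blockquotes); sanitizing the rendered HTML against an allowlist of tags is the alternative when that syntax must keep working.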

WAF Protection Rules

WAF Rule

A vulnerability classified as problematic has been found in studygolang. This affects an unknown part of the file static/js/topics.js. The manipulation of the argument contentHtml leads to cross site scripting. It is possible to initiate the attack r
