diff --git a/.github/security/229-richtext-xss.md b/.github/security/229-richtext-xss.md new file mode 100644 index 00000000..dae8bb7e --- /dev/null +++ b/.github/security/229-richtext-xss.md @@ -0,0 +1,23 @@ +Title: general-editor RichText XSS sanitization + +Summary + +- Address XSS risk in `general-editor` RichText rendering by sanitizing untrusted HTML prior to rendering. +- Applies sanitization before `dangerouslySetInnerHTML` and `iframe srcDoc` usage. + +Details + +- Affected area: `general-editor/src/tags/object/RichText/view.js` +- Mitigation: Use DOMPurify to sanitize the rendered HTML string. +- Dependency: `dompurify` declared in `general-editor/package.json`. + +PoC (neutralized post-fix) + +- `` +- `` + +Tracking + +- Related issue: #229 + +
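Review bot: the "PoC (neutralized post-fix)" section in this new advisory lists two empty code spans, so the file does not actually record which inputs were verified as neutralized; either fill in the test inputs used for verification or state explicitly that they are withheld. The Mitigation bullet should also name the DOMPurify configuration applied in `general-editor/src/tags/object/RichText/view.js` (allowed tags/attributes, and whether one shared sanitize call covers both the `dangerouslySetInnerHTML` path and the `iframe srcDoc` path, since the Summary lists both sinks), and the Dependency bullet should cite the `dompurify` version declared in `general-editor/package.json` so the advisory can be matched against the lockfile.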