Title: Filter Failure: From HTML Injection to Full-Blown XSS via Rich Text Editors
An attacker exploited a misconfigured rich text (WYSIWYG) editor: input that was not properly filtered and sanitized allowed client-side remote code execution (RCE), leading to data leakage and a bounty payout. 2025-5-15 04:53:39 Author: infosecwriteups.com

Iski


Hey there!😁


Never trust a coffee machine before 9 AM, a JavaScript function before sanitization, and a rich text editor to protect your users. ☕💻💣

This is a story about how a seemingly innocent WYSIWYG editor turned into my personal printing press for bounty bucks. 💰 And no, this isn’t your basic <script>alert(1)</script> tale. This was a journey through misconfigured filters, broken sanitizers, and a glorious client-side RCE.

While running a mass recon across dozens of programs, I stumbled upon a juicy endpoint that screamed “edit your profile” with rich text formatting enabled. It used TinyMCE, one of the most popular WYSIWYG editors.

I noticed this endpoint:

POST /user/update-bio
Host: target.com
Content-Type…
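As an added example that is not part of the original write-up, here is how a server receiving an update-bio request like the one above can sanitize the editor's HTML with a parser-backed allowlist, shown next to the kind of blocklist filter that lets attribute-based payloads through. The allowed tag and attribute sets, the constructed sample bio and the function names are my assumptions, not the target's code.

```python
import re
from html import escape
from html.parser import HTMLParser

# Tags/attributes a profile bio legitimately needs (assumed allowlist; tune per app).
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "ul", "ol", "li", "a"}
ALLOWED_ATTRS = {"a": {"href"}}
SAFE_HREF = re.compile(r"^(?:https?://|/|#)", re.IGNORECASE)

# Constructed sample bio, as an editor might POST it to /user/update-bio.
SAMPLE_BIO = ('<p>Hi, I am <b onmouseover="alert(1)">Iski</b>. '
              '<a href="javascript:alert(1)">site</a><script>alert(1)</script></p>')

def naive_filter(raw: str) -> str:
    """Blocklist filter of the kind the post describes: it strips <script> only,
    so event-handler attributes and javascript: URLs pass straight through."""
    return re.sub(r"</?script[^>]*>", "", raw, flags=re.IGNORECASE)

class AllowlistSanitizer(HTMLParser):
    """Re-serialise the markup, keeping only allowlisted tags and attributes."""

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return                          # unknown tag dropped, its text kept
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, ()) or value is None:
                continue                    # on* handlers, style, etc. never survive
            if name == "href" and not SAFE_HREF.match(value.strip()):
                continue                    # javascript:/data: links dropped
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))  # re-escape text content

def sanitize_bio(raw: str) -> str:
    parser = AllowlistSanitizer()
    parser.feed(raw)
    parser.close()
    return "".join(parser.out)
```

Run `sanitize_bio(SAMPLE_BIO)` and `naive_filter(SAMPLE_BIO)` side by side: the allowlist version rebuilds the markup as `<p>Hi, I am <b>Iski</b>. <a>site</a>alert(1)</p>`, while the blocklist version still carries the `onmouseover` handler and the `javascript:` link.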

Source: https://infosecwriteups.com/title-filter-failure-from-html-injection-to-full-blown-xss-via-rich-text-editors-af6809e248b4?source=rss----7b722bfd1b8d--bug_bounty