XSS in webmention.js in plaidweb/webmention.js
Jul 11th 2023
webmention.js has a XSS vulnerability here. Comment name has not escaped. https://github.com/PlaidWeb/webmention.js/blob/9457e71433c0d2430bbe767ecc5b5837140d0ee4/static/webmention.js#L330
Proof of Concept
- 1 Put a webmention.js on your site
- 2 Send a webmention that includes XSS payload in
<article class="h-entry"> <span class="p-name"><img src=x onerror=alert(1)></span> ...
- 3 webmention.js will execute an alert in your site