Fwd: redcarpet <=3.2.2 (and related ruby gems) allow for possible XSS via autolinking of untrusted markdown
Reed Loden
Apr 7, 2015, 9:25:59 PM
to rubysec-announce
Re-posting, as my initial send to rubysec-announce@ bounced. :(
---------- Forwarded message ----------
From: Reed Loden <re...@reedloden.com>
Date: Tue, Apr 7, 2015 at 2:11 PM
Subject: redcarpet <=3.2.2 (and related ruby gems) allow for possible XSS via autolinking of untrusted markdown
To: Assign a CVE Identifier <cve-a...@mitre.org>, rubysec-...@googlegroups.com, oss-se...@lists.openwall.com, ruby-sec...@googlegroups.com
Title: redcarpet and related gems allow for possible XSS of untrusted markdown if autolink extension is enabled
Date: 2015-04-07
CVE: Yet to be assigned.
Credit: Daniel LeCheminant (@d_lec)
Download: https://rubygems.org/gems/redcarpet
Description: Markdown to (X)HTML parser
Fix: https://github.com/vmg/redcarpet/commit/e5a10516d07114d582d13b9125b733008c61c242
This fix is included in Redcarpet 3.2.3.
Initial research suggests this issue affects:
* https://github.com/vmg/sundown 1.16.0 (last version before the library was deprecated)
* https://github.com/vmg/redcarpet 3.2.2
* https://github.com/hoedown/hoedown 3.0.1
It also affects other (less popular) libraries based off of sundown, including:
* https://github.com/benmills/robotskirt 2.7.1
* https://github.com/FSX/misaka 1.0.2
* https://github.com/chobie/php-sundown 0.3.11
Users of these libraries may be vulnerable if the autolink extension is enabled.
More information is available at:
* http://danlec.com/blog/bug-in-sundown-and-redcarpet (excellent write-up!)
* https://hackerone.com/reports/46916
~reed
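As an added example (not code from the advisory, from Reed Loden, or from the redcarpet project), here is a small Ruby check that reads a Bundler Gemfile.lock and flags a redcarpet entry at or below 3.2.2, the last affected version the advisory lists, pointing at 3.2.3 as the fixed release. The lockfile layout it parses (spec lines indented four spaces as "name (version)") and the sample lockfile it runs against are assumptions of this example, not taken from any real project.

```ruby
# Added example (not part of the advisory or of redcarpet itself): scan a
# Bundler Gemfile.lock for a redcarpet entry inside the affected range
# (<= 3.2.2, fixed in 3.2.3, per the advisory). Assumes Bundler's lockfile
# layout, where spec lines are indented four spaces as "name (version)".
require 'rubygems'

# Last affected and first fixed versions, taken from the advisory text.
LAST_AFFECTED = Gem::Version.new('3.2.2')
FIRST_FIXED   = Gem::Version.new('3.2.3')
GEM_NAME      = 'redcarpet'

# Parse "name (version)" spec lines out of a Gemfile.lock body.
# Dependency lines ("      foo (~> 1.0)") are indented deeper and carry
# constraints rather than exact versions, so they are skipped.
def lockfile_versions(lock_text)
  versions = {}
  lock_text.each_line do |line|
    m = line.match(/\A {4}([A-Za-z0-9_.\-]+) \(([0-9][0-9A-Za-z.\-]*)\)\s*\z/)
    versions[m[1]] = Gem::Version.new(m[2]) if m
  end
  versions
end

# Return [name, version] pairs for gems in the lockfile that this advisory
# covers. Gem::Version compares segment by segment, so "3.2.10" is correctly
# treated as newer than "3.2.2" (a plain string compare would get that wrong).
def affected_gems(lock_text)
  lockfile_versions(lock_text)
    .select { |name, ver| name == GEM_NAME && ver <= LAST_AFFECTED }
    .map    { |name, ver| [name, ver.to_s] }
end

# Constructed sample lockfile (not from any real project).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.6.6.2)
        mini_portile (~> 0.6.0)
      redcarpet (3.2.2)
      rails (4.2.1)

  PLATFORMS
    ruby

  DEPENDENCIES
    redcarpet
LOCK

if __FILE__ == $PROGRAM_NAME
  hits = affected_gems(SAMPLE_LOCK)
  if hits.empty?
    puts "no affected #{GEM_NAME} version found"
  else
    hits.each do |name, ver|
      puts "#{name} #{ver} is affected; upgrade to #{FIRST_FIXED} or later"
    end
  end
end
```

Run it against a project's own Gemfile.lock by replacing SAMPLE_LOCK with File.read('Gemfile.lock'). The check covers only the redcarpet gem; the other libraries the advisory names (sundown, hoedown, robotskirt, misaka, php-sundown) are not Ruby gems and need their own package-manager checks. A version check is a triage aid, not a substitute for upgrading: applications that render untrusted markdown with the autolink extension enabled should move to 3.2.3 or later.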