Typora DOM-Based Cross-site Scripting leading to Remote Code Execution
CVE-2023-2317

8.6HIGH

Key Information:

Vendor: Typora
Status: Typora
Vendor: CVE Published:; 19 August 2023

What is CVE-2023-2317?

Typora, a popular markdown editor, has a vulnerability that allows DOM-based Cross-Site Scripting (XSS) through the updater interface. On Windows and Linux systems, if a user opens a specially crafted markdown file or pastes text from a compromised webpage into Typora, arbitrary JavaScript code can be executed within the context of the Typora main window. This exploitation occurs via the loading of the updater page through the 'typora://app/typemark/updater/update.html' embedded tag, potentially leading to severe misuse of the application.

Affected Version(s)

Typora Windows 0 < 1.6.7

References

https://support.typora.io/What's-New-1.6/

release-notes

https://starlabs.sg/advisories/23/23-2317/

third-party-advisory

EPSS Score

49% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2023
Vulnerability Reserved
Apr 27, 2023

Credit

Li Jiantao (@CurseRed) of STAR Labs SG Pte. Ltd. (@starlabs_sg)

JSON