CVE-2022-0776

MEDIUM6.1EPSS 10.3%

Cross site scripting in reveal.js

Published: 3/2/2022Modified: 11/8/2023

Description

The onmessage event listener in /plugin/notes/speaker-view.html does not check the origin of postMessage before adding the content to the webpage. The vulnerable code allows any origin to postMessage on the browser window and feeds attacker's input to parts using which attacker can execute arbitrary javascript code on victim's browser window hosting reveal.js

Affected packages (1)

npm/reveal.jsfrom 0, < 4.3.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-0776
PATCHhttps://github.com/hakimel/reveal.js
WEBhttps://github.com/hakimel/reveal.js/commit/32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2
WEBhttps://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001