CVE-2019-20374

CRITICAL

Typora < 0.9.81 - XSS


Description

A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to remote code execution through Mermaid code blocks. To exploit this vulnerability, a victim must open a crafted file in Typora; the XSS is then triggered because of improper HTML sanitization. Because the application is built on the Electron framework and runs without a sandbox, the XSS escalates to remote code execution.

Scores

CVSS v3 9.6
EPSS 0.0217
EPSS Percentile 84.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Details

CWE
CWE-79
Status published
Products (1)
typora/typora < 0.9.81
Published Jan 09, 2020
Tracked Since Feb 18, 2026