skip to content
Back to GitHub.com
Home Bounties Research Advisories Get Involved Events
August 18, 2022

GHSL-2022-029: XSS in Toast UI Grid - CVE-2022-23458

GitHub Security Lab

Coordinated Disclosure Timeline

Summary

The nhn/tui.grid component is vulnerable to XSS attacks when pasting specially crafted content into editable cells.

Product

Toast UI Grid

Tested Version

4.21.1

Details

Issue: XSS pasting HTML in editable cell (GHSL-2022-029)

There is a vulnerability when specially crafted html content is pasted in an editable cell.

PoC:

  1. Open https://cdn.sekurak.pl/copy-paste/playground.html
  2. Paste <img src="" onerror="alert(123)" /> into the HTML Input box and click Copy as HTML
  3. Go to https://ui.toast.com/tui-grid
  4. Double click an input cell (eg. one in the “Artist” column), and paste the HTML you copied in [2].
  5. Exit the cell by clicking any other cell.
  6. JavaScript: alert(123) is executed.

Impact

This issue may lead to XSS.

Resources

CVE

Credit

This issue was discovered by CodeQL team members @kaeluka (Stephan Brandauer) and @erik-krogh (Erik Krogh Kristensen), using a CodeQL query originally contributed by community member @bananabr (Daniel Santos).

Contact

You can contact the GHSL team at securitylab@github.com, please include a reference to GHSL-2022-029 in any communication regarding this issue.