Vulnerabilities in User Settings and Authentication #291

@Indigolo

Description

Vulnerabilities

Stored XSS

  • In /app/components/Settings.jsx - Lines 170-172 (approx.): The user is allowed to change their signature.
  • In /app/components/Settings.jsx - Lines 43-47: Improper input validation; just checking for "script>" is not enough:

        if (this.props.settings.signature.match('script>')) {
          return this.setState({
            validationError: 'No script tags in signatures, sorry.',
          });
        }

  • In app/components/ThreadPost.jsx - Lines 218-223: The user signature is being unsafely rendered:

        return (
          <div
            className="signature"
            dangerouslySetInnerHTML={this.renderAsHTML(this.props.user.signature)}
          />
        );

An attacker might try to inject a payload that bypasses the "script>" check into the signature field of their account, and it can then be rendered in the threads they post.

Insecure Hashing Logic
In /lib/authentication.js line 74:

    var tokenHmac = crypto.createHmac('md5', file);

3 issues:

  • MD5 is weaker than other hashing algorithms.
  • .update() is not being called, therefore the input file is used as the secret key to hash an empty string ("").
  • The token is hard-coded (in config/environments.js):

        app.set('signupToken', '4f84a8faebe285025181023b2247a51b');

All of these issues together might make it possible to brute-force the signupToken.

Insecure Comparison
In /lib/authentication.js line 84:

    getMD5Hex(file.toString()) === rootRequire('app').app.get('signupToken')

"===" is exposed to timing attacks.

Patches

Stored XSS
Use proper HTML sanitization in handleSubmit. For example with DOMPurify or Node.js' "sanitize-html".

Insecure Hashing Logic

  • Use at least SHA-256 rather than MD5
  • Use .update and a secret key for hashing, for example: "crypto.createHmac('sha256', SECRET_KEY).update(file);"
  • Create a random signupToken, for example: "crypto.randomBytes(32).toString('hex')"

Insecure Comparison
Use crypto.timingSafeEqual() for comparisons.
