Skip to content

Security: DOM XSS via unsanitized innerHTML assignment#818

Open
tuanaiseo wants to merge 1 commit into
evolus:masterfrom
tuanaiseo:contribai/fix/security/dom-xss-via-unsanitized-innerhtml-assign
Open

Security: DOM XSS via unsanitized innerHTML assignment#818
tuanaiseo wants to merge 1 commit into
evolus:masterfrom
tuanaiseo:contribai/fix/security/dom-xss-via-unsanitized-innerhtml-assign

Conversation

@tuanaiseo
Copy link
Copy Markdown

@tuanaiseo tuanaiseo commented Apr 7, 2026

Problem

options.message is written directly into this.message.innerHTML without sanitization. If options.message can be influenced by untrusted input, arbitrary HTML/JS can execute in the renderer context.

Severity: high
File: app/views/common/PromptDialog.js

Solution

Replace innerHTML with textContent for plain text, or sanitize using a strict allowlist sanitizer before assigning HTML.

Changes

  • app/views/common/PromptDialog.js (modified)

Testing

  • Existing tests pass
  • Manual review completed
  • No new warnings/errors introduced

@tuanaiseo
fix(security): dom xss via unsanitized innerhtml assignment
eb1cb19 
`options.message` is written directly into `this.message.innerHTML` without sanitization. If `options.message` can be influenced by untrusted input, arbitrary HTML/JS can execute in the renderer context.

Affected files: PromptDialog.js

Signed-off-by: tuanaiseo <221258316+tuanaiseo@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tuanaiseo