Vulnerability Description
A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to improper HTML sanitization. Given that the application is based on the Electron framework, the XSS leads to remote code execution in an unsandboxed environment.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Typora | Typora | <= 0.9.81 |
| Linux | Linux Kernel | - |
| Apple | Macos | - |
Related Weaknesses (CWE)
References
- https://github.com/cure53/DOMPurify/commit/4e8af7b2c4a159b683d317e02c5cbddb86dc4PatchThird Party Advisory
- https://github.com/typora/typora-issues/issues/3124Third Party Advisory
- https://github.com/cure53/DOMPurify/commit/4e8af7b2c4a159b683d317e02c5cbddb86dc4PatchThird Party Advisory
- https://github.com/typora/typora-issues/issues/3124Third Party Advisory
FAQ
What is CVE-2019-20374?
CVE-2019-20374 is a vulnerability with a CVSS score of 9.6 (CRITICAL). A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability,...
How severe is CVE-2019-20374?
CVE-2019-20374 has been rated CRITICAL with a CVSS base score of 9.6/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-20374?
Check the references section above for vendor advisories and patch information. Affected products include: Typora Typora, Linux Linux Kernel, Apple Macos.