| Título | AstrBotDevs AstrBot 4.25.2 Cross-site Scripting (CWE-79) |
|---|
| Descripción | # Technical Details
A template/script injection vulnerability exists in the `Star.text_to_image` and `NetworkRenderStrategy.render` methods in `astrbot/core/star/base.py` and `astrbot/core/utils/t2i/network_strategy.py` of AstrBot.
The application fails to sanitize untrusted user input before rendering it in bundled HTML templates for the text-to-image (T2I) feature.
# Vulnerable Code
File: astrbot/core/utils/t2i/template/base.html
Method: [Template Rendering]
Why: The default bundled template embeds the text using `{{ text | safe }}` inside a `<textarea>`, which disables HTML escaping. An attacker can use `</textarea><script>...</script>` to break out of the textarea and execute arbitrary scripts.
# Reproduction
1. Ensure the T2I feature is enabled using the remote rendering strategy.
2. Supply untrusted text containing a payload like: `</textarea><script>alert('xss')</script>` directly into the chat or message flow.
3. Observe that the payload breaks out of the textarea during Markdown-to-`innerHTML` rendering and executes as a script in the remote T2I renderer context.
# Impact
- Inject script/HTML into the remote T2I renderer context.
- Tamper with or falsify rendered output images.
- Potentially expand impact depending on the renderer’s capabilities and isolation boundaries. |
|---|
| Fuente | ⚠️ https://gist.github.com/YLChen-007/2abcecece4369c46cc8405e597c0528b |
|---|
| Usuario | Eric-d (UID 96861) |
|---|
| Sumisión | 2026-06-09 10:51 (hace 1 mes) |
|---|
| Moderación | 2026-07-17 15:39 (1 month later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 379788 [AstrBotDevs AstrBot hasta 4.25.2 T2I Feature base.py Star.text_to_image/NetworkRenderStrategy.render secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 20 |
|---|