| Título | AstrBotDevs AstrBot 4.25.2 Cross-site Scripting (CWE-79) |
|---|
| Descrição | # Technical Details
A template/script injection vulnerability exists in the `Star.text_to_image` and `NetworkRenderStrategy.render` methods in `astrbot/core/star/base.py` and `astrbot/core/utils/t2i/network_strategy.py` of AstrBot.
The application fails to sanitize untrusted user input before rendering it in bundled HTML templates for the text-to-image (T2I) feature.
# Vulnerable Code
File: astrbot/core/utils/t2i/template/base.html
Method: [Template Rendering]
Why: The default bundled template embeds the text using `{{ text | safe }}` inside a `<textarea>`, which disables HTML escaping. An attacker can use `</textarea><script>...</script>` to break out of the textarea and execute arbitrary scripts.
# Reproduction
1. Ensure the T2I feature is enabled using the remote rendering strategy.
2. Supply untrusted text containing a payload like: `</textarea><script>alert('xss')</script>` directly into the chat or message flow.
3. Observe that the payload breaks out of the textarea during Markdown-to-`innerHTML` rendering and executes as a script in the remote T2I renderer context.
# Impact
- Inject script/HTML into the remote T2I renderer context.
- Tamper with or falsify rendered output images.
- Potentially expand impact depending on the renderer’s capabilities and isolation boundaries. |
|---|
| Fonte | ⚠️ https://gist.github.com/YLChen-007/2abcecece4369c46cc8405e597c0528b |
|---|
| Utilizador | Eric-d (UID 96861) |
|---|
| Submissão | 09/06/2026 10h51 (há 1 mês) |
|---|
| Moderação | 17/07/2026 15h39 (1 month later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 379788 [AstrBotDevs AstrBot até 4.25.2 T2I Feature base.py Star.text_to_image/NetworkRenderStrategy.render Script de Site Cruzado] |
|---|
| Pontos | 20 |
|---|