| Field | Value |
|---|---|
| Title | lettura v0.1.22 XSS |
| Description | The description.content of media_object is directly concatenated into HTML and rendered via wraperWithRadix/HTMLReactParser without going through DOMPurify; attacker-controllable RSS content can therefore be used for XSS directly in the main WebView, and the fact that CSP is off while the Tauri allowlist has "fs" enabled amplifies the impact. Attackers could exploit this vulnerability to launch an SSRF attack or read/write the contents of the Download folder. |
| Source | https://gist.github.com/youremailaddress/cba7c19a4eafcb326d0e912adf132be3 |
| User | cranb3rry (UID 72730) |
| Submission | 12/27/2025 03:13 |
| Moderation | 01/04/2026 09:57 (8 days later) |
| Status | Accepted |
| VulDB entry | 339487 [zhanglun lettura up to 0.1.22 RSS ContentRender.tsx cross site scripting] |
| Points | 19 |
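The render-path flaw described in the submission, shown as an added example that is not lettura's code or the submitter's gist: an untrusted `description.content` is spliced straight into an HTML string (the vulnerable pattern, reconstructed from the description), beside an output-encoding variant, checked on a constructed feed item. All function and field names are assumptions made for the demo, not lettura's identifiers.

```javascript
// Added example, not code from lettura or from the advisory author. It
// reconstructs the pattern the advisory describes (untrusted RSS
// description.content concatenated into HTML with no sanitizer in between)
// beside an output-encoding variant. Names below are demo assumptions.

// Constructed RSS item carrying an attacker-controlled description, as a feed
// the victim subscribes to could deliver it.
const feedItem = {
  title: "constructed item",
  description: {
    content: '<p>hello</p><img src="x" onerror="alert(document.cookie)">',
  },
};

// Vulnerable pattern (assumed reconstruction): the raw feed HTML is spliced
// into the markup string that is later handed to an HTML-to-React parser.
// Nothing here removes event handlers, <script> tags or javascript: URLs.
function renderDescriptionUnsafe(item) {
  return `<div class="description">${item.description.content}</div>`;
}

// Output encoding: every character with meaning to the HTML parser becomes an
// entity, so the payload is displayed as text and cannot execute. This drops
// the feed's formatting; an app that must keep rich HTML should instead run
// the content through an allowlist-based DOM sanitizer such as DOMPurify
// (which needs a DOM and therefore is not exercised in this offline demo).
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': "&quot;",
    "'": "&#39;",
  })[c]);
}

function renderDescriptionEscaped(item) {
  return `<div class="description">${escapeHtml(item.description.content)}</div>`;
}

// Triage check used only by this demo: is there a real tag carrying an inline
// event handler, a <script> tag, or a javascript: URL in the rendered markup?
// Entity-encoded text such as "&lt;img ... onerror=" does not match because
// the handler is no longer inside an actual tag.
function containsActiveContent(html) {
  return /<[a-z][^>]*\son\w+\s*=|<script\b|javascript:/i.test(html);
}

const unsafe = renderDescriptionUnsafe(feedItem);
const escaped = renderDescriptionEscaped(feedItem);
console.log("unsafe has active content:", containsActiveContent(unsafe)); // true
console.log("escaped has active content:", containsActiveContent(escaped)); // false
```

The second half of the submission's point, CSP being off, is what lets an injected script go on to reach the enabled `fs` allowlist; in Tauri 1.x the policy is configured under `tauri.security.csp` in `tauri.conf.json`, and a WebView with no CSP will run any inline script the feed manages to inject.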