Every digital creation has flaws, and in this blog, we’ll look at a recent discovery that shook the foundation of this popular open-source hierarchical note-taking application. While testing the thick client application, I discovered a stored cross-site scripting vulnerability in the note Title field, whose payload fired in an unusual place.
The vulnerability was discovered while adding new notes in Trilium Notes: note titles were rendered immediately in the “Note Map” function without sanitization, allowing HTML injection and both stored and reflected cross-site scripting (XSS). The need for security vigilance cannot be overstated.
Affected Versions: The vulnerability is present in versions of Trilium Notes in the GitHub repository zadam/trilium prior to version 0.59.4.
Cross-Site Scripting payload used:
"><img src="x" onerror=alert(1337) />
https://drive.google.com/drive/folders/1Wt_BhUngMjFo3L2_7RhA4gFnYyJTHd5Z
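As an added illustration (this is not Trilium’s code), the pattern behind this class of bug and its fix: a note title interpolated straight into the Note Map’s markup, beside the same rendering with HTML escaping applied first. The function names renderLabelUnsafe, renderLabelSafe, escapeHtml and countTags are hypothetical, and the sample title is the payload from the report.

```javascript
// Constructed sample input: the payload from the report, typed as a note title.
const PAYLOAD_TITLE = '"><img src="x" onerror=alert(1337) />';

// Vulnerable pattern (hypothetical): the raw title is interpolated into markup
// that is later assigned via innerHTML. The leading `">` closes the attribute
// and the opening tag, so the rest of the title becomes live HTML.
function renderLabelUnsafe(title) {
  return `<span class="note-title" title="${title}">${title}</span>`;
}

// Minimal HTML escaper covering the five characters that can break out of
// text or a double/single-quoted attribute value.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Hardened pattern: escape before interpolation. In DOM code the equivalent
// is to set element.textContent and element.title instead of building HTML.
function renderLabelSafe(title) {
  const t = escapeHtml(title);
  return `<span class="note-title" title="${t}">${t}</span>`;
}

// Defender-side check: count the tags in the rendered label. A title must not
// be able to add elements beyond the single <span> wrapper.
function countTags(html) {
  return (html.match(/<[a-zA-Z!/][^>]*>/g) || []).length;
}

// Expected: the unsafe label gains two <img> tags; the safe one keeps only
// the wrapping <span> open/close pair.
console.log('unsafe tags:', countTags(renderLabelUnsafe(PAYLOAD_TITLE))); // 4
console.log('safe tags:', countTags(renderLabelSafe(PAYLOAD_TITLE)));     // 2
```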
I responsibly reported the vulnerability to the huntr.dev platform, which then engaged with the administrator of Trilium’s open-source repository. The report was meticulously validated, assigned an appropriate severity score, and promptly addressed through a new software release.
Subsequently, I was honored with the assignment of a CVE for my contribution to the security of the software ecosystem.
Officially disclosed report:
Official Announcements:
CVE-2023-3067 Detail:
Thank you for reading ✌🏻
Take care, fellow hackers!
Happy Hunting :>
You can connect with me on LinkedIn or Twitter for more such insights!