Summary
A cross-site scripting (XSS) vulnerability has been found in the web application chat frontend when rendering echarts code blocks. User or LLM output containing an echarts block with a specific JavaScript payload is executed in the viewer's browser.
Details
The problematic code is in web/app/components/base/markdown-blocks/code-block.tsx:208 and web/app/components/base/markdown-blocks/code-block.tsx:253:
```tsx
// Excerpt from code-block.tsx: the body of the fenced echarts block is evaluated as JavaScript
try {
  // eslint-disable-next-line no-new-func, sonarjs/code-eval
  const result = new Function(`return ${trimmedContent}`)()
```
The block content is passed to `new Function()` and executed, so an immediately-invoked function expression (IIFE) embedded in the option object runs with the privileges of the page.
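To make the difference concrete, the following is an added example (not the project's own code) placing the unsafe `new Function` pattern beside a hardened parser that treats the echarts block as JSON data; the option strings and the `xssFired` flag (standing in for `alert()`) are constructed for the demonstration.

```javascript
// Vulnerable pattern, as described in the advisory: the fenced block body is
// evaluated as JavaScript, so any expression inside it runs.
function evaluateOptionUnsafe(trimmedContent) {
  // eslint-disable-next-line no-new-func
  return new Function(`return ${trimmedContent}`)()
}

// Hardened replacement: parse the block as JSON and accept only a plain object.
// An IIFE, a function call or a bare identifier is a syntax error here, not code.
function parseOptionSafely(trimmedContent) {
  let option
  try {
    option = JSON.parse(trimmedContent)
  } catch (e) {
    throw new Error('echarts block must be a JSON object literal')
  }
  if (option === null || typeof option !== 'object' || Array.isArray(option))
    throw new Error('echarts option must be a JSON object')
  return option
}

// Constructed inputs: a benign JSON option, and the advisory's PoC shape with
// alert() replaced by a flag we can observe outside a browser.
globalThis.xssFired = false
const benignOption = '{"title":{"text":"Sales"},"series":[{"type":"bar","data":[1,2,3]}]}'
const pocOption = `({
  title: { text: 'Test XSS' },
  series: [],
  _x: (() => { globalThis.xssFired = true; return 1 })()
})`

// Runs both parsers over both inputs and reports what happened.
function demo() {
  const safe = parseOptionSafely(benignOption)
  let pocRejected = false
  try { parseOptionSafely(pocOption) } catch (e) { pocRejected = true }
  const firedAfterSafe = globalThis.xssFired   // still false: nothing executed
  evaluateOptionUnsafe(pocOption)              // the vulnerable path runs the IIFE
  const firedAfterUnsafe = globalThis.xssFired
  return { safeTitle: safe.title.text, pocRejected, firedAfterSafe, firedAfterUnsafe }
}
```

The trade-off of the JSON-only parser is that option callbacks (for example custom label formatters written as functions) can no longer be expressed in the block; if those are needed they must be supplied by trusted application code, not by the rendered markdown.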
PoC
- Run a chat app
- Input the payload
```echarts
({
  title: { text: 'Test XSS' },
  series: [],
  _x: (() => {
    alert('Hello');
    return 1;
  })()
})
```
Impact
Full arbitrary JavaScript execution in the victim’s browser, in the context of the app. That means:
- Account/session takeover via log
- Data exfiltration from the UI (chat history, files, secrets visible in DOM).
- Unauthorized actions via in-app APIs using the victim's session.
- If the payload is saved (chat history), it becomes stored XSS and hits any viewer later. If not saved, it’s reflected DOM XSS for the current viewer.