Anonymous GitHub fetches repository content (e.g., markdown files) from GitHub's API and renders it without sanitization. On the client side, markdown is parsed with marked (with sanitize: false) and injected into the DOM via $sce.trustAsHtml() + ng-bind-html, bypassing AngularJS's built-in XSS protection. An attacker can craft a malicious GitHub repository whose README executes arbitrary JavaScript in the Anonymous GitHub origin.
The server fetches the README via GitHub's REST API and stores the raw markdown in MongoDB:
// https://github.com/tdurieux/anonymous_github/blob/b2d77faa6c6f35ad9ae6ed46e3a3fa4681ac84c2/src/core/source/GitHubRepository.ts#L162-L174
const ghRes = await oct.repos.getReadme({
owner: this.owner,
repo: this.repo,
ref: selected?.commit,
});
const readme = Buffer.from(
ghRes.data.content,
ghRes.data.encoding as BufferEncoding
).toString("utf-8");
selected.readme = readme;
await model.save();
It is then served to the client with no sanitization:
// https://github.com/tdurieux/anonymous_github/blob/b2d77faa6c6f35ad9ae6ed46e3a3fa4681ac84c2/src/server/routes/repository-private.ts#L254-L260
return res.send(
await repo.readme({
accessToken: token,
force: req.query.force == "1",
branch: req.query.branch as string,
})
);
$sce.trustAsHtml() + ng-bind-htmlThe client fetches the raw README, parses it with renderMD() (which uses marked with sanitize: false), then bypasses AngularJS sanitization:
// https://github.com/tdurieux/anonymous_github/blob/b2d77faa6c6f35ad9ae6ed46e3a3fa4681ac84c2/public/script/app.js#L1219-L1226
const res = await $http.get(`/api/repo/${o.owner}/${o.repo}/readme`, {
params: { force: force === true ? "1" : "0", branch: $scope.source.branch },
});
$scope.readme = res.data;
//...
2.2.02.3.0Exploitability
AV:NAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:N8.1/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N