Windmill: Rogue Workspace Admins can inject code via unescaped workspace environment variable interpolation in NativeTS executor

Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Workspace environment variable values are interpolated into JavaScript string literals without escaping single quotes in the NativeTS executor. A workspace admin who sets a custom environment variable with a value containing `'` can inject arbitrary JavaScript that executes inside every NativeTS script in that workspace. This is a code injection bug in `worker.rs`, not related to the sandbox/NSJAIL topic. Version 1.664.0 patches the issue.

N/A

对生成代码的控制不恰当(代码注入)

WindMill 代码注入漏洞

WindMill是Lukasavicus个人开发者的一个免费的开源工具。用于控制 Python 中的作业执行。 WindMill 1.664.0之前版本存在代码注入漏洞，该漏洞源于工作区环境变量值在未转义单引号的情况下插入JavaScript字符串字面量，可能导致工作区管理员注入任意JavaScript代码。

N/A

N/A