CVE-2023-43193: Submitty Cross-Site Scripting (XSS) Vulnerability Report Introduction Submitty before v22.06.00 is vulnerable to Cross-Site Scripting (XSS). An attacker can create a malicious link in the forum that leads to XSS. CVSS Score CVSS v3.1: 6.5 Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L Impact Confidentiality: The attacker can read any data within the victim's context. Integrity: The attacker can utilize the victim's privilege to perform actions as that user. Availability: If the victim is an administrator, the attacker can prevent the service from running. Likelihood Skill Required: Basic knowledge of XSS and Markdown. Conditions: The attacker must be able to send a malicious link to the forum, and the victim must click the link to trigger the attack. Discoverability: Easy to find. Problem Details Overview: XSS vulnerability within the Markdown rendering functionality of the forum component. Cause: Inadequate sanitization of user input in Markdown links. Affected Area: The forum component of Submitty. Root Cause Misconfiguration: The library's option was not explicitly set to , allowing URLs. Steps to Reproduce 1. Access the forum component of Submitty (any version before v22.06.00). 2. Create a new post using Markdown with as payload. 3. Submit the new post. 4. Click the link, triggering the script. Remediations Set the option to when using the library. References Fixed in pull request 8032.