Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access to DOM through MYR's IDE presents multiple security vulnerabilities #446

Open
samuel-zuk opened this issue Feb 19, 2021 · 0 comments
Open

Access to DOM through MYR's IDE presents multiple security vulnerabilities #446

samuel-zuk opened this issue Feb 19, 2021 · 0 comments
Assignees
@jdones01
Labels
bug Something isn't working Editor Frontend Issues being caused via the frontend High Priority

Comments

@samuel-zuk
Copy link
Contributor

Currently, user MYR code can access the JS "document" & "window" object, which presents a whole range of opportunities for malicious code execution (as anything can then be injected into the DOM). Steps must be taken to minimize the potential damage that running a JavaScript code sandbox entails.
@samuel-zuk samuel-zuk added bug Something isn't working Editor Frontend Issues being caused via the frontend High Priority labels Feb 19, 2021
@samuel-zuk samuel-zuk self-assigned this Feb 19, 2021
@Jlu18 Jlu18 assigned jdones01 and unassigned samuel-zuk Feb 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jdones01 jdones01

Labels
bug Something isn't working Editor Frontend Issues being caused via the frontend High Priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@samuel-zuk @jdones01