Sveltia CMS: Stored XSS in Markdown/RichText preview via unsandboxed same-origin iframe
📋 Description
Impact
A stored cross-site scripting (XSS) vulnerability affected the Markdown/RichText field preview renderer in Sveltia CMS.
The DOMPurify sanitization configuration used for Markdown previews explicitly permitted iframe elements without enforcing a sandbox attribute or restricting iframe sources. Sanitized Markdown output was then inserted into the CMS preview DOM as raw HTML. Because no sandboxing or source validation was applied, a Markdown field containing an iframe whose src pointed to a same-origin uploaded or publicly accessible HTML asset would render an unsandboxed iframe. JavaScript in the framed document could then access the parent CMS window via the browser’s same-origin policy, allowing it to read and write the parent window’s state, DOM, and browser storage, and to trigger actions in the CMS context.
The practical impact is limited in currently supported Sveltia CMS usage because the CMS is intended for a single developer or a small trusted team, and open authoring / untrusted multi-user authoring is not currently implemented. Exploitation requires the ability to place malicious content into the repository or content source that the CMS loads.
Patches
The issue has been patched by replacing the direct DOMPurify call in the Markdown preview renderer with a two-pass sanitization pipeline:
- DOMPurify processes the raw HTML as before.
- A post-processing step validates every
iframeelement in the sanitized output. Any iframe whose src does not use anhttps://URL, uses a same-origin URL, uses a relative path, or uses any other non-HTTPS scheme (javascript:,data:,blob:, , etc.) is removed from the output. Surviving iframes (HTTPS cross-origin only) have asandboxattribute enforced with at minimumallow-scripts allow-same-origin, which confines the framed document to its own origin and prevents it from accessing the parent CMS window.
Users should upgrade to Sveltia CMS v0.167.3 or later.
Workarounds
If upgrading is not immediately possible, avoid loading CMS content from untrusted authors and review Markdown field content for iframe elements pointing to same-origin or relative paths.
Administrators can also reduce exposure by limiting repository or content source write access to trusted users only.
References
- sveltia/sveltia-cms@
8c46294 - https://github.com/sveltia/sveltia-cms/releases/tag/v0.167.3
🎯 Affected products1
- npm/@sveltia/cms:< 0.167.3