
[Bug] Markdown Parsing Error results in incorrectly formatted note - possible server-side arbitrary code execution #40

Open
iwyatt opened this issue Mar 11, 2023 · 0 comments


iwyatt commented Mar 11, 2023

Describe the bug
The markdown entered is not parsed correctly, resulting in poorly formatted text, including italics, missing spaces, and more. I suspect that the dollar sign ($) is escaping characters in the markdown parser, and may be a potential vulnerability allowing server-side execution of arbitrary code.

To Reproduce
Steps to reproduce the behavior:

  • Enter the following text in an Obsidian Note and share to notespace:

    ```markdown
    # Example
    If my household's annual expenses to support our current lifestyle are (just picking a round number for simplicity) is $100,000, we then divide that by 0.04 (4%)[^2] and the result is $2.5 million. That's the target number. Once my household's net worth is $2.5M then we can retire. Of course, if you are willing to live on less in retirement than what you have now, you can reduce your target number eg if in retirement you can live on $35,000/y then the target number is $875k.

    > ⚠ There is a lot of nuance and assumptions in the above, and I am not a financial advisor - so definitely do your own research and talk to people you trust.
    ```

  • View the notespace note. The above markdown gets rendered as:
    (screenshot)

Expected behavior
The markdown should instead be rendered as:
(screenshot)

Screenshots

Environment (please complete the following information):

  • OS: Windows 10
  • Brave Browser v1.49.120
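The symptoms above are consistent with a renderer that treats text between two unescaped `$` characters as inline math, so the note's currency amounts pair up into spurious math spans. The following is an added example, not code from the notespace project: it assumes that `$...$` convention, locates the spans such a renderer would swallow in a constructed excerpt of the note, and escapes currency-looking `$` before the text reaches the renderer so it is displayed literally.

```python
import re

# Constructed excerpt of the note text from the bug report (not the full note).
SAMPLE = (
    "If my household's annual expenses are $100,000, we divide by 0.04 and the "
    "result is $2.5 million. Once net worth is $2.5M we can retire; if you can "
    "live on $35,000/y then the target number is $875k."
)

# Assumption: the renderer reads `$...$` (single, unescaped `$`) as inline math.
# `(?<!\\)` skips a `$` that is already escaped as `\$`; `(?!\$)` avoids `$$` blocks.
INLINE_MATH = re.compile(r"(?<!\\)\$(?!\$)(.+?)(?<!\\)\$")

# A `$` directly followed by a digit is almost certainly a currency amount, not math.
CURRENCY = re.compile(r"(?<!\\)\$(?=\d)")


def find_accidental_math_spans(text):
    """Return the substrings a math-aware renderer would treat as inline math.

    For the sample note this is prose such as "100,000, we divide by 0.04 ...",
    which explains the italics and swallowed spaces seen in the screenshot.
    """
    return [m.group(1) for m in INLINE_MATH.finditer(text)]


def escape_currency(text):
    """Escape currency dollar signs (`$` followed by a digit) as `\\$`.

    Genuine math such as `$x^2$` is left alone, and an already escaped `\\$`
    is not escaped twice, so the function is safe to run on every save.
    """
    return CURRENCY.sub(r"\\$", text)


if __name__ == "__main__":
    for span in find_accidental_math_spans(SAMPLE):
        print("would render as math:", repr(span))
    print(escape_currency(SAMPLE))
```

The safe default for a shared-note service is to apply the escape (or disable math rendering) on the server before the user's text reaches the renderer, rather than relying on each author to escape their own dollar signs.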