Hello. Our internal auditors found a serious security issue because of a JavaScript file generated by RoboHelp in the WebHelp output. The file they identified was whnjs.htm. Here's the description:
This page has JavaScript which sets a frame on the page to the hash of the URL. This can be used as an injection point for cross site scripting.
POC: https://xxx.xxx/WebHelp/whnjs.htm#javascript:alert(1) //
Internet Explorer only.
Does this mean anything to anyone here? I'm using RH9. I'm hoping just an upgrade to v11 will fix this, as I can easily justify that cost with an issue like this.
Thanks, Josh
Well, there's no RH11 (yet) - RH10 is as high as it gets currently. There have been other posts about security issues and JavaScript, but to do away with frames, you probably need to generate the new Multiscreen HTML5 help.
Hi,
I've contacted Adobe about this issue and here is their reaction:
RH parses the URL to ensure this is a relative path in the WebHelp folder. Then it opens that file path in that frame. If the path is not as expected, it opens the default topic.
The example given below (https://xxx.xxx/WebHelp/whnjs.htm#javascript:alert(1) ) opens the default topic.
This does not seem to be an XSS vulnerability issue.
Please let us know if anyone observed more than this.
It seems that this issue is not an XSS vulnerability. You can respond to this question and I can relay any further questions/remarks.
Greet,
Willam
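
The check described in the reply above (accept the hash only as a relative path inside the WebHelp folder, otherwise open the default topic) could look like the following. This is an added example, not RoboHelp's code or part of any post in this thread; `resolveTopic`, `HELP_BASE`, `DEFAULT_TOPIC` and the host name are assumptions made for illustration.

```javascript
// Added example, not RoboHelp code. HELP_BASE, DEFAULT_TOPIC and resolveTopic
// are hypothetical names; the host below is a constructed placeholder.
const HELP_BASE = "https://help.example.test/WebHelp/";
const DEFAULT_TOPIC = "default.htm";

// Returns the URL that is safe to load in the content frame for a given hash.
function resolveTopic(hash, base = HELP_BASE, fallback = DEFAULT_TOPIC) {
  const root = new URL(base);
  const safe = new URL(fallback, root).href;

  let raw = String(hash || "").replace(/^#/, "");
  try {
    raw = decodeURIComponent(raw);          // normalise %6Aavascript: style input
  } catch (e) {
    return safe;                            // malformed percent-encoding
  }
  if (raw === "") return safe;
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return safe;   // control chars, backslash
  if (/^\s*[a-z][a-z0-9+.-]*:/i.test(raw)) return safe;   // any scheme (javascript:, https:, data:)
  if (raw.startsWith("/")) return safe;                   // absolute or protocol-relative path

  let target;
  try { target = new URL(raw, root); } catch (e) { return safe; }
  if (target.origin !== root.origin) return safe;                  // left the help host
  if (!target.pathname.startsWith(root.pathname)) return safe;     // ../ escaped the folder
  if (!/\.html?$/i.test(target.pathname)) return safe;             // only topic pages
  return target.href;
}

// In the frameset page the validated result, never the raw hash, is assigned:
//   frame.src = resolveTopic(window.location.hash);
```

The decision is made on the resolved URL rather than on the raw string, so encoded schemes and `../` sequences are judged by where they actually point.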