2

Currently, I am working on a CMS/framework I developed that is similar to WordPress, in that it is a platform for admins to create/post content for users.

I am saving the HTML that is generated by editor fields in my database, and binding the HTML within my JSON response in the client to be displayed once it is retrieved. However, oftentimes a lot of sanitization is done in order to display the HTML to protect against XSS attacks, which I definitely understand.

However, in this case the site administrator is generating the content. As long as the administrators take other good security actions (such as securing their accounts with strong passwords, and securing their servers), and are not malicious themselves, it could be safe to say that the HTML is trusted and should not be considered vulnerable to XSS, correct? I am going to write documentation on the framework soon, and would like to bring up any of the caveats the framework may have, so that developers are aware.

Any advice would be appreciated. Or if there are any other major security holes I should look out for, please let me know.

Thank you!

Torch2424

1 Answer

1

If by "administrator" you mean the person with all the rights, then this is fine and not considered a vulnerability. If you also have a more privileged "superadministrator", then the administrator could elevate their privileges to superadministrator via XSS.

There are some vulnerabilities whose impact would be increased by this. For example, CSRF would now have the full power of XSS.

You should also document this (WordPress, e.g., documents this as well), so that people are aware of it (and so you don't get reports about issues which you do not consider vulnerabilities).

tim
  • Thanks for the great response. I will be sure to, and I'm glad I am now more aware of these things. I actually never heard of CSRF before, so it was a nice read. Thank you! – Torch2424 Mar 14 '17 at 18:47
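The two caveats raised in the answer (a more privileged role above the content author, and CSRF on the save endpoint) can be enforced where the HTML is stored. The following is an added example, not code from the question's framework or from the answer; the role names, `saveContent`, and the session/request shapes are hypothetical, and plain escaping stands in for the allow-list sanitizer a real CMS would apply to lower roles.

```javascript
const crypto = require("node:crypto");

// Hypothetical role ranking: raw HTML is trusted only from the highest role,
// because stored markup runs in the browser of anyone who views it.
const ROLES = new Map([["editor", 1], ["administrator", 2], ["superadministrator", 3]]);
const TOP_ROLE = Math.max(...ROLES.values());

// Per-session anti-CSRF token, embedded in the editor form by the server.
function issueCsrfToken(session) {
  session.csrfToken = crypto.randomBytes(32).toString("hex");
  return session.csrfToken;
}

// Constant-time comparison; a missing or wrong-length token is rejected.
function csrfTokenValid(session, submitted) {
  if (typeof submitted !== "string" || !session.csrfToken) return false;
  const expected = Buffer.from(session.csrfToken);
  const actual = Buffer.from(submitted);
  return expected.length === actual.length && crypto.timingSafeEqual(expected, actual);
}

const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Handles a content-save request. `store` stands in for the database table.
function saveContent(session, request, store) {
  // Without this check a forged cross-site request made with the admin's
  // cookies would store markup that is later rendered unsanitized.
  if (!csrfTokenValid(session, request.csrfToken)) {
    return { status: 403, reason: "csrf" };
  }
  const rank = ROLES.get(session.role) ?? 0;
  if (rank === 0) return { status: 403, reason: "role" };
  // Only the top role stores markup verbatim; lower roles are neutralised so
  // they cannot use stored content to act as a more privileged viewer.
  const html = rank === TOP_ROLE ? String(request.html) : escapeHtml(request.html);
  store.push({ author: session.user, html });
  return { status: 200, stored: html };
}
```
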