Typescript Kony Browser Html String
Description
Detects potentially unsafe HTML content handling in Kony UI Browser components that could lead to cross-site scripting (XSS) vulnerabilities. When the Browser widget is initialized with unvalidated or unsanitized HTML content, malicious scripts could be executed in the context of the application.
Detection Strategy
• Check for instantiation of 'kony.ui.Browser' components in the code
• Examine the first argument passed to the Browser constructor
• Verify if the configuration contains unsafe HTML content handling settings
• Flag instances where the Browser is initialized with configurations that allow arbitrary HTML content without proper sanitization
Vulnerable code example
  function displayUserContent(): void {
    // VULNERABLE: Direct use of user input in htmlString without sanitization
    const userInput = frmInput.txtContent.text;
    const browser = new kony.ui.Browser({
      id: "contentBrowser",
      isVisible: true,
      htmlString: userInput // XSS vulnerability: unescaped user input rendered as HTML
    }, { containerHeight: 100 }, {});
  }
✅ Secure code example
  function displayUserContent(): void {
    // Sanitize user input to prevent XSS by encoding HTML special characters
    const userInput = kony.string.htmlEncode(frmInput.txtContent.text);
    const browser = new kony.ui.Browser({
      id: "contentBrowser",
      isVisible: true,
      htmlString: `<div>${userInput}</div>` // Safe: encoded content in controlled structure
    }, { containerHeight: 100 }, {});
  }
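The four detection steps above, carried out as a text-level scanner over TypeScript source. This is an added example, not Fluid Attacks' own rule implementation; it assumes that kony.string.htmlEncode is the only call that counts as sanitization and that a local const/let/var declaration is enough to trace where an interpolated identifier came from. It reports the vulnerable pattern and passes the secure one because it follows the identifier back to the encoding call.

```typescript
// Encoders treated as sanitizing (assumption: only the one this page shows).
const SAFE_ENCODERS = ["kony.string.htmlEncode"];
// Drop // comments while leaving string and template literals untouched.
function stripComments(src: string): string {
  return src.replace(/("(?:\\.|[^"\\\n])*"|'(?:\\.|[^'\\\n])*'|`(?:\\.|[^`\\])*`)|\/\/[^\n]*/g,
    (_m, lit) => (lit === undefined ? "" : lit));
}
// Read one expression from index i, stopping at a top-level ',' ';' or closing bracket.
function readValue(s: string, i: number): string {
  let depth = 0, quote = "", start = i;
  for (; i < s.length; i++) {
    const ch = s.charAt(i);
    if (quote) { if (ch === "\\") i++; else if (ch === quote) quote = ""; continue; }
    if (ch === '"' || ch === "'" || ch === "`") quote = ch;
    else if ("([{".indexOf(ch) >= 0) depth++;
    else if (")]}".indexOf(ch) >= 0) { if (depth === 0) break; depth--; }
    else if ((ch === "," || ch === ";") && depth === 0) break;
  }
  return s.slice(start, i).trim();
}
// Encoded: an encoder call, or an identifier whose local declaration is itself encoded.
function isEncoded(expr: string, src: string, hops = 3): boolean {
  if (SAFE_ENCODERS.some(e => expr.indexOf(e + "(") === 0)) return true;
  if (hops === 0 || !/^[A-Za-z_$][\w$]*$/.test(expr)) return false;
  const decl = new RegExp("\\b(?:const|let|var)\\s+" + expr + "\\s*=\\s*").exec(src);
  return decl !== null && isEncoded(readValue(src, decl.index + decl[0].length), src, hops - 1);
}
function isSafeHtmlString(value: string, src: string): boolean {
  if (/^(['"])[\s\S]*\1$/.test(value)) return true;            // static markup, no interpolation
  if (!/^`[\s\S]*`$/.test(value)) return isEncoded(value, src); // bare expression
  const parts: string[] = value.match(/\$\{[^}]*\}/g) || [];    // template: every ${...} must be encoded
  return parts.every(p => isEncoded(p.slice(2, -1).trim(), src));
}
// The detection strategy: each kony.ui.Browser constructor, its first argument, its htmlString.
function scanKonyBrowserHtmlString(source: string): { line: number; value: string }[] {
  const src = stripComments(source), findings: { line: number; value: string }[] = [];
  const ctor = /new\s+kony\.ui\.Browser\s*\(\s*\{/g; let m: RegExpExecArray | null;
  while ((m = ctor.exec(src)) !== null) {
    const cfg = readValue(src, m.index + m[0].length - 1); // the configuration object literal
    const prop = /\bhtmlString\s*:\s*/.exec(cfg); if (!prop) continue;
    const value = readValue(cfg, prop.index + prop[0].length);
    if (!isSafeHtmlString(value, src)) findings.push({ line: src.slice(0, m.index).split("\n").length, value });
  }
  return findings;
}
// Constructed sample: the page's vulnerable and secure patterns in one file.
const SAMPLE = [
  "const raw = frmInput.txtContent.text; // straight from a form field",
  "const safe = kony.string.htmlEncode(frmInput.txtContent.text);",
  "new kony.ui.Browser({ id: \"a\", htmlString: raw }, { containerHeight: 100 }, {});",
  "new kony.ui.Browser({ id: \"b\", htmlString: `<div>${safe}</div>` }, {}, {});",
].join("\n");
```

A regex pass like this cannot follow data through function parameters, object properties or other files, so anything it cannot prove encoded is reported for review rather than assumed safe.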