CVE-2021-23342

8.6 HIGH

📋 TL;DR

This is a cross-site scripting (XSS) vulnerability in the docsify documentation generator before version 4.12.0. Attackers can bypass previous security fixes to inject malicious JavaScript through sidebar content or URL parsing, potentially compromising user sessions. Anyone using a vulnerable docsify version for a documentation website is affected.

💻 Affected Systems

Products:
  • docsify
Versions: All versions before 4.12.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects docsify when used with remote URL content loading or sidebar functionality enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete account takeover, session hijacking, credential theft, and malware distribution to all website visitors through persistent XSS payloads.

🟠 Likely Case

Session hijacking, credential theft, and defacement of documentation sites through injected malicious scripts.

🟢 If Mitigated

Limited impact with proper content security policies and input validation, but still potential for limited script execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit details are available in security advisories, which document the specific bypass techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.12.0 and later

Vendor Advisory: https://github.com/docsifyjs/docsify/commit/ff2a66f12752471277fe81a64ad6c4b2c08111fe

Restart Required: No

Instructions:

1. Update docsify to version 4.12.0 or later using npm: npm update docsify
2. Verify the update completed successfully
3. Test documentation functionality

🔧 Temporary Workarounds

Disable remote URL loading (all platforms)

Prevent docsify from loading content from remote URLs to block the primary attack vector:

  • Configure docsify to only load local content files

Implement Content Security Policy (all platforms)

Add strict CSP headers to limit script execution sources:

  • Add a Content-Security-Policy header with script-src 'self'

🧯 If You Can't Patch

  • Implement web application firewall rules to detect and block XSS payloads in URLs and sidebar content
  • Disable sidebar functionality if not essential for documentation needs

🔍 How to Verify

Check if Vulnerable:

Check docsify version in package.json or via npm list docsify

Check Version:

npm list docsify | grep docsify

Verify Fix Applied:

Confirm version is 4.12.0 or higher and test that remote URL content is properly sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual URL patterns with multiple slashes (////)
  • JavaScript execution errors in sidebar context
  • Unexpected remote content loading

Network Indicators:

  • HTTP requests with malicious script patterns in query parameters
  • Unusual content loading from external sources

SIEM Query:

web_logs WHERE url CONTAINS '////' OR url CONTAINS '<script' OR user_agent CONTAINS 'docsify'
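
The three conditions of the SIEM query above, applied to raw access-log lines, as an added example (not part of the original advisory or of docsify). It assumes the combined log format; the function names and sample lines are constructed for illustration, and the URL is percent-decoded first so that encoded forms such as %3Cscript are matched as well.

```javascript
// Added example: the page's SIEM conditions applied to access-log lines.
// Assumes combined log format; function names are illustrative.
const LOG_RE =
  /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$/;

// Percent-decode a bounded number of times so single- and double-encoded
// forms (%3Cscript, %253Cscript) are compared in their decoded shape.
function decodeDeep(s, maxRounds = 3) {
  let cur = s;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    // Malformed escape: keep the last decodable form.
    try { next = decodeURIComponent(cur); } catch (e) { return cur; }
    if (next === cur) break;
    cur = next;
  }
  return cur;
}

// Returns null for unparseable lines, otherwise the matched indicators.
function matchIndicators(line) {
  const m = LOG_RE.exec(line);
  if (!m) return null;
  const [, ip, , , rawUrl, , , ua] = m;
  const url = decodeDeep(rawUrl).toLowerCase();
  const hits = [];
  if (url.includes('////')) hits.push('multi-slash');
  if (url.includes('<script')) hits.push('script-tag');
  if (ua.toLowerCase().includes('docsify')) hits.push('ua-docsify');
  return { ip, url: rawUrl, hits };
}

function scan(lines) {
  return lines.map(matchIndicators).filter((r) => r && r.hits.length > 0);
}

// Constructed sample lines (documentation IP ranges, not real traffic).
const SAMPLE = [
  '192.0.2.10 - - [01/Mar/2021:10:00:00 +0000] "GET /docs/README.md HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
  '198.51.100.7 - - [01/Mar/2021:10:00:05 +0000] "GET /docs/?id=////example.invalid/page HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
  '198.51.100.7 - - [01/Mar/2021:10:00:09 +0000] "GET /docs/?q=%253Cscript%253E HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
  '203.0.113.5 - - [01/Mar/2021:10:01:00 +0000] "GET /docs/_sidebar.md HTTP/1.1" 200 128 "-" "docsify-agent (constructed)"',
  'not an access log line',
];

for (const r of scan(SAMPLE)) console.log(r.ip, r.hits.join(','), r.url);
```

Lines that do not parse are dropped rather than flagged, so a log source in a different format needs its own regular expression before the results mean anything.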
