DOS via Flowchart TB Mermaid on Wiki pages
HackerOne report #2279739 by toukakirishima on 2023-12-10, assigned to @cmaxim:
Report
Summary
I found a DoS vulnerability when adding wiki pages with Flowchart TB Mermaid. As an attacker, I can cause a DoS: the page takes a while to load and uses 100% CPU.
GitLab has released a patch for this vulnerability: https://about.gitlab.com/releases/2023/11/30/security-release-gitlab-16-6-1-released/#client-side-dos-via-mermaid-flowchart. But GitLab did not fix it on wiki pages.
Steps to reproduce
- Go to Wiki
- Create wiki and put payload
- Create page
- Reload the page. The page will take a very long time to load and will use very high CPU.
POC
bandicam_2023-12-10_19-58-03-946.mp4
Output of checks
This bug happens on GitLab.com
Impact
An attacker can cause a DoS in the Wiki: the page takes a while to load and uses 100% CPU.
Attachments
Warning: Attachments received through HackerOne, please exercise caution!
How To Reproduce
Please add reproducibility information to this section: