Hacker News

wonnage, last Thursday at 8:54 PM

You could send that link to an unsuspecting user and steal their cookies, make API requests to send messages on their behalf, etc.

Apparently one of the other linked posts shows how you can also gain RCE, since the docs are statically pre-rendered and there’s no sandboxing to prevent you from evalling arbitrary JavaScript.


Replies

Willish42, last Thursday at 10:40 PM

> Apparently one of the other linked posts shows how you can also gain RCE

Yep, here it is: https://kibty.town/blog/mintlify/

Also linked in his guide (which I missed) and [here in a separate HN post](https://news.ycombinator.com/item?id=46317546). I think this other author's post is a lot more detailed and arguably more useful to folks reading on HN.