[Michal Benkowki] has a good summary of his research which boils down to the following attack scenario:These sort of attacks require several things to go right, but it's possible. The technique is explained in more detail at Securitum.
Visit a malicious site. Copy something to the clipboard which allows the site to put in a dangerous payload. Visit another site with a browser-based visual editor (e.g., Gmail or WordPress) Paste the clipboard into the editor.
The issue is that the editors accept HTML data and this allows the clipboard to inject JavaScript. If you’ve never worked with the clipboard at the API level, it might surprise you to learn that the clipboard usually has more than one item in it at a time. For example, the clipboard could have some plain text, some HTML, and a special proprietary format all at one time. Presumably, though, all of those items represent the same information.
Copy & paste deemed a security risk
Posted on Monday, June 22 2020 @ 11:28 CEST by Thomas De MaesschalckHackaday reminds us that most of the common things we do on a PC could pose a security risk. In a new article, the site highlights the dangers of the copy & paste functionality. The idea here of a potential attack scenario is that a malicious site could copy a dangerous payload to the clipboard, which could be executed by the browser when the user pastes the content of the clipboard into a browser-based visual editor:
