Listen to this Post
The vulnerability stems from three compounding flaws in Note Mark’s asset handling and delivery path. First, the asset delivery route at `huma.Get(api, “/api/notes/{noteID}/assets/{assetID}”, h.GetNoteAssetContentByID)` allows an attacker to deliver uploaded content directly to a victim via a URL. Second, the asset handler relies on the `h2non/filetype` library for Content-Type detection, which uses magic-byte matching and fails to identify text-based active content such as HTML, SVG, JavaScript, XML, or XHTML. For these files, `filetype.Match` returns Unknown, leaving the `Content-Type` header unset or empty, so uploaded active content is served without an authoritative MIME type. Third, the asset response is sent with `inline` disposition but does not set the `X-Content-Type-Options: nosniff` header. This combination allows browsers to sniff the content, detect HTML or SVG, and execute embedded JavaScript. Because the asset is served from the application’s own origin, the script runs with same-origin access to the application and its authenticated APIs, turning an uploaded asset into a stored XSS payload that executes when a victim opens the asset URL.
Platform: Note Mark
Version: 1.10.3
Vulnerability: Stored XSS
Severity: Critical
date: 2026-04-13
Prediction: 2026-05-01
What Undercode Say:
Simulate missing Content-Type and nosniff header curl -I https://notemark.example.com/api/notes/123/assets/456 Expected headers: Content-Disposition: inline (no nosniff, Content-Type empty)
// PoC SVG payload for asset upload
<svg xmlns="http://www.w3.org/2000/svg">
<script>alert('XSS via SVG asset');</script>
</svg>
Exploit:
An authenticated attacker uploads a malicious SVG file as a note asset. The asset is stored and served via the vulnerable endpoint. When a victim navigates to the asset URL, the browser, lacking a safe Content-Type and the nosniff directive, renders the SVG inline, executing the embedded JavaScript in the context of the application’s origin. This gives the attacker access to the victim’s authenticated Note Mark API actions, including private notes, books, profile data, and any actions the victim can perform.
Protection from this CVE:
- Upgrade to Note Mark version 1.10.3 or later.
- Ensure the `X-Content-Type-Options: nosniff` header is set for all asset responses.
- Enforce strict Content-Type validation on the server side, rejecting active content types (HTML, SVG, JS) for asset uploads.
- Implement a Content Security Policy (CSP) to restrict script execution.
- Sanitize uploaded files, removing or neutralizing any active content.
Impact:
An attacker can execute arbitrary JavaScript in the context of any victim who opens a malicious asset URL. This allows full compromise of the victim’s session, including reading and modifying private notes, stealing authentication tokens, and performing any API action the victim is authorized to do. The vulnerability affects all deployments that allow asset uploads and do not have the patch applied.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

