Lumiverse
- <= 0.9.5
A vulnerability in Lumiverse versions prior to 0.9.7 allows arbitrary code execution through the component override system. User-supplied TSX is transpiled and executed in a "sandbox" that relies on shadowing critical globals such as fetch and window rather than on isolating the code, and that shadowing can be undone from inside the payload. A static source validator that rejects certain identifiers is bypassed by reconstructing the blocked names at runtime, so the check never sees them as tokens. Independently, the useRef and useEffect hooks give the override access to live DOM nodes, from which the real window object can be recovered, sidestepping the identifier shadows entirely. The payload is delivered as a malicious theme pack: once a user imports and activates it, the override runs inside that user's authenticated session.
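To make the two bypasses in the description concrete, here is an added example (not Lumiverse code, and not the project's actual sandbox) of a toy sandbox built on the same two ideas, a static identifier blocklist and shadowed globals, together with payloads of the kinds the advisory describes. All function and constant names (BLOCKED, executeShadowed, runUntrusted, windowFromNode) are hypothetical.

```javascript
// Added illustration, not Lumiverse code: a toy sandbox built the way the
// advisory describes (static identifier blocklist + shadowed globals), with
// payloads that escape it. All names below are hypothetical.

// Identifiers the sandbox tries to hide from untrusted TSX.
const BLOCKED = ['window', 'fetch', 'document', 'globalThis'];
const BLOCKED_RE = new RegExp('\\b(' + BLOCKED.join('|') + ')\\b');

// Layer 1, static validation: true when the source mentions a blocked name.
function isBlocked(src) {
  return BLOCKED_RE.test(src);
}

// Layer 2, identifier shadowing: run the source with every blocked name bound
// as a parameter set to undefined, so `window`, `fetch`, ... resolve to nothing.
function executeShadowed(src) {
  const fn = new Function(...BLOCKED, src);
  return fn(...BLOCKED.map(() => undefined));
}

// The "sandbox": validate, then execute with the shadows in place.
function runUntrusted(src) {
  if (isBlocked(src)) {
    throw new Error('blocked identifier in source');
  }
  return executeShadowed(src);
}

// Payload A: reconstruct a blocked name at runtime. The validator only sees
// 'glob' and 'alThis'; the Function constructor evaluates the joined string in
// global scope, where the parameter shadows do not exist.
const PAYLOAD_RECONSTRUCT = "return Function('return glob' + 'alThis')();";

// Payload B: no blocked name anywhere. Code created by the Function constructor
// is sloppy mode, so a plain call binds `this` to the real global object.
const PAYLOAD_SLOPPY_THIS = 'return (function () { return this; })();';

// DOM path from the advisory: a live element handed out by useRef reaches the
// real window through ownerDocument.defaultView (standard DOM properties), so
// shadowing the `window` identifier is irrelevant once a node is in hand.
function windowFromNode(node) {
  return node.ownerDocument.defaultView;
}

// Summary of what each layer stops and what slips through.
function demo() {
  return {
    directUseRejected: isBlocked('return fetch;'),
    shadowHidesFetch: executeShadowed('return typeof fetch;') === 'undefined',
    reconstructEscapes: runUntrusted(PAYLOAD_RECONSTRUCT) === globalThis,
    sloppyThisEscapes: runUntrusted(PAYLOAD_SLOPPY_THIS) === globalThis,
  };
}

console.log(demo());
```

Neither payload contains a blocked token, yet both return the real global object, and the DOM path needs no identifier tricks at all. Name-based filtering and lexical shadowing are not a security boundary for code that arrives in an untrusted theme pack; isolation has to come from the platform, for example a sandboxed iframe on a separate origin, or not executing untrusted component code in the authenticated origin at all. Which approach 0.9.7 adopted is not stated in the advisory.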
Exploitation gives the attacker full in-browser code execution in the context of the victim's Lumiverse session. Because the payload runs on Lumiverse's own origin, requests it makes to that origin automatically carry the victim's HttpOnly session cookie, so the attacker can drive authenticated server-side functionality with the victim's privileges, which creates the potential for server-side remote code execution.
To reproduce this vulnerability:
1. Create a malicious Lumiverse theme pack whose component override payload bypasses the static source validator and escapes the sandbox through a DOM reference.
2. Import the theme pack into Lumiverse via the Theme Editor.
3. Enable the component override that carries the payload.
4. Open a chat in Bubble layout mode; the override is rendered there and the payload executes with the victim's session, achieving code execution.
Users should update to Lumiverse version 0.9.7 or later, where this vulnerability has been fixed.