F-2025-0028 · input-validation
Unvalidated wallet image source
TL;DR
Wallet icon and image sources were rendered without validating the origin or content type, allowing attacker-controlled images (via a malicious wallet definition) to be loaded inside the trusted origin.
Severity
LOW
Impact
LOW
Likelihood
LOW
Method
Manual review
Complexity
LOW
Exploitability
LOW
Description
The widget rendered wallet icons and images from sources tied to wallet definitions without validating origin or content type. A malicious or compromised wallet entry could supply an image URL that loaded attacker-controlled content into the widget context.
Recommendation
Validate wallet image URLs against an allowlist of trusted hosts. Optionally, proxy images through a controlled origin and check their content type there (a mitigation similar to M-05).
Initia: Acknowledged. Pashov Audit Group: Acknowledged.
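One way to implement the host allowlist and the content-type check from the recommendation, as an added example that is not the widget's or the auditors' code. The hostnames, the accepted media types and all function names are assumptions made for illustration.

```javascript
// Added example. Hostnames are constructed placeholders, not real project hosts.
const TRUSTED_IMAGE_HOSTS = new Set(["assets.wallets.example", "cdn.registry.example"]);
// Assumed set of raster types; SVG is left out as a conservative choice.
const ALLOWED_IMAGE_TYPES = new Set(["image/png", "image/jpeg", "image/webp", "image/gif"]);

// Returns the normalized URL if it may be rendered, otherwise null.
function validateWalletImageUrl(rawUrl, trustedHosts = TRUSTED_IMAGE_HOSTS) {
  if (typeof rawUrl !== "string") return null;
  let url;
  try {
    url = new URL(rawUrl); // no base given: relative and protocol-relative input throws
  } catch {
    return null;
  }
  if (url.protocol !== "https:") return null;       // rejects http:, data:, blob:, javascript:
  if (url.username || url.password) return null;    // rejects "https://trusted@other-host/" forms
  if (url.port !== "") return null;                 // default port only
  if (!trustedHosts.has(url.hostname)) return null; // exact match, never a suffix or substring test
  return url.href;                                  // render the parsed form, not the raw string
}

// Content-type check for the proxy side: compares the media type only,
// ignoring parameters such as "; charset=...".
function isAllowedImageContentType(headerValue) {
  if (typeof headerValue !== "string") return false;
  const mediaType = headerValue.split(";")[0].trim().toLowerCase();
  return ALLOWED_IMAGE_TYPES.has(mediaType);
}

// Picks the image to render for a wallet definition, falling back to a
// bundled placeholder when the supplied source fails validation.
function resolveWalletIcon(walletDefinition, fallbackIcon) {
  const source = walletDefinition && walletDefinition.image;
  return validateWalletImageUrl(source) ?? fallbackIcon;
}
```

Rendering the returned `href` rather than the original string ensures the browser loads exactly the URL that was checked.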