Use of MSApp.execUnsafeLocalFunction
What does this mean?
MSApp.execUnsafeLocalFunction disables script injection validation, within the local context, for the function passed to it.
What can happen?
Calling this function can lead to serious security issues such as HTML and script injection, since content written to the DOM inside the callback bypasses the normal validation.
Recommendation
Use document.createElement() or similar DOM methods instead of assigning HTML strings inside the unsafe callback.
Sample Code
Vulnerable:
MSApp.execUnsafeLocalFunction(function() {
    var body = document.getElementsByTagName('body')[0];
    // textColor is supplied from outside this function; if it is attacker-controlled,
    // the concatenated string lets it close the style attribute and inject markup.
    body.innerHTML = '<div style="color:' + textColor + '">example</div>';
});
Non-vulnerable:
var body = document.getElementsByTagName('body')[0];
var exampleDiv = document.createElement('div');
// The colour is set through the style property, so the value is never parsed as HTML.
exampleDiv.style.color = textColor;
// innerText is rendered as text, not interpreted as markup.
exampleDiv.innerText = 'example';
body.appendChild(exampleDiv);
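As an added example (not code from the original page), the same div built without MSApp.execUnsafeLocalFunction, with the caller-supplied textColor treated as untrusted and checked before it is assigned. The names isSafeCssColor, buildExampleDiv and the stub document are assumptions introduced here so the code runs outside a browser.

```javascript
// Added example: safe rendering of the "example" div with input validation.
// Accept only plain CSS colour keywords (letters) or #rgb / #rrggbb hex values.
var SAFE_COLOR = /^(?:[a-zA-Z]{1,20}|#(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6}))$/;

function isSafeCssColor(value) {
  return typeof value === 'string' && SAFE_COLOR.test(value);
}

// Builds the div with createElement/textContent. `doc` is the document to use;
// passing it in lets the function run against a real DOM or the stub below.
function buildExampleDiv(doc, textColor) {
  var exampleDiv = doc.createElement('div');
  // Fall back to a fixed colour instead of letting an unexpected value through.
  exampleDiv.style.color = isSafeCssColor(textColor) ? textColor : 'inherit';
  exampleDiv.textContent = 'example'; // rendered as text, never parsed as HTML
  return exampleDiv;
}

// The string the original vulnerable block assigns to body.innerHTML, kept here
// only so the contrast can be checked; it is never rendered.
function unsafeMarkup(textColor) {
  return '<div style="color:' + textColor + '">example</div>';
}

// Minimal constructed stand-in for document.createElement so the example can
// run in Node. It records only the fields inspected below.
var stubDocument = {
  createElement: function (tagName) {
    return { tagName: tagName, style: {}, textContent: '' };
  }
};

// Constructed untrusted input: a "colour" value that closes the style attribute.
var hostileColor = 'red"><b>injected</b>';
```

With hostileColor the unsafe string carries the injected tag, while the DOM path rejects the value and renders only the literal text.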