🐛 Bug: ❗❗❗Critical Stored XSS via Card component rendering repository JSON content #2151

@waygeance

Description

Describe the bug

Brief Overview

The Card component renders HTML content using dangerouslySetInnerHTML when extended={true} is enabled.

This rendering path is used in pages such as:

  • /overview/use-cases (data from use-cases.json)
  • /overview/case-studies (data from case-studies.json)

These JSON files intentionally contain HTML (e.g., links) and are rendered directly into the DOM without any sanitization.

This creates a critical Stored Cross-Site Scripting (XSS) vulnerability through the content contribution pipeline.

This vulnerability does not rely on user input. Instead, it arises from trusted repository content flowing into the DOM unsanitized, which makes it particularly dangerous because it bypasses traditional input validation assumptions.

Proof Of Concept:

[Screen recording (2026-01-24.02-06-51.mp4) and screenshot of the XSS firing, attached to the issue]

This allows an attacker to:

  • Steal session cookies or authentication tokens (if any future integrations are added)
  • Perform phishing by modifying page behavior
  • Redirect users to malicious sites
  • Inject crypto-miners or malicious scripts
  • Deface official project pages
  • Execute arbitrary JavaScript in the context of json-schema.org

This is particularly severe because it weaponizes the open-source contribution process as the attack vector.

Steps To Reproduce

  1. Open use-cases.json or case-studies.json
  2. Modify any summary field to include:

     <img src=x onerror=alert('XSS')>

  3. Run the project locally
  4. Visit: /overview/use-cases
  5. The JavaScript executes in the browser

Expected Behavior

  • HTML content rendered from repository JSON files should be sanitized before being injected into the DOM.

  • Only safe HTML (links, formatting) should be allowed, and all executable JavaScript contexts must be removed.
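One way to enforce this expected behaviour, as an added example that is not the project's own code: an allowlist sanitizer run over the JSON-sourced HTML strings before they are handed to dangerouslySetInnerHTML. It keeps links and basic formatting, strips every other tag and every event-handler attribute, and rejects non-http(s) hrefs; the tag and attribute allowlists and the sample summary string are assumptions for illustration, and a production site should use a maintained library such as DOMPurify rather than a hand-written parser.

```javascript
// Allowlist-based HTML sanitizer for strings read from content JSON files (the summary
// fields of use-cases.json / case-studies.json) before they reach dangerouslySetInnerHTML.
// Added example, not the project's own code; production sites should prefer DOMPurify.
const ALLOWED_TAGS = new Set(['a', 'b', 'strong', 'i', 'em', 'p', 'ul', 'ol', 'li', 'br', 'code']);
const ALLOWED_ATTRS = { a: new Set(['href', 'title']) };
const SAFE_HREF = /^(?:https?:\/\/|mailto:|\/|#)/i; // rejects javascript:, data:, vbscript: ...

// Escape text so it can never open a tag; existing entity references are kept as-is.
function escapeText(text) {
  return text.replace(/&(?!(?:#\d+|#x[0-9a-f]+|[a-z]+);)/gi, '&amp;')
    .replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');
}

// Rebuild a start tag keeping only allowlisted attributes with safe values.
function sanitizeStartTag(tag, rawAttrs) {
  const allowed = ALLOWED_ATTRS[tag] || new Set();
  const attrRe = /([a-zA-Z-]+)\s*(?:=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let out = '<' + tag;
  for (const m of rawAttrs.matchAll(attrRe)) {
    const name = m[1].toLowerCase();
    const value = m[2] ?? m[3] ?? m[4] ?? '';
    if (!allowed.has(name)) continue; // drops onerror, onclick, style, srcdoc, ...
    if (name === 'href' && !SAFE_HREF.test(value.trim())) continue;
    out += ` ${name}="${escapeText(value)}"`;
  }
  if (tag === 'a' && out.includes(' href=')) out += ' rel="noopener noreferrer"';
  return out + '>';
}

// Walk the markup as tags, text runs and stray '<'; drop unlisted tags, discard the
// contents of <script>/<style>, and escape everything that is not a kept tag.
function sanitizeHtml(html) {
  const tokenRe = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*)>|[^<]+|</g;
  let out = '';
  let skip = null; // raw-text element whose contents are currently being discarded
  for (const m of html.matchAll(tokenRe)) {
    if (skip) { if (m[1] === '/' && m[2].toLowerCase() === skip) skip = null; continue; }
    if (m[2] === undefined) { out += escapeText(m[0]); continue; } // text or lone '<'
    const tag = m[2].toLowerCase();
    if (tag === 'script' || tag === 'style') { if (!m[1]) skip = tag; continue; }
    if (!ALLOWED_TAGS.has(tag)) continue; // <img>, <svg>, <iframe>, ... removed outright
    out += m[1] ? `</${tag}>` : sanitizeStartTag(tag, m[3]);
  }
  return out;
}

// Constructed sample: the report's payload embedded in an otherwise benign summary string.
const sample = 'See <a href="https://json-schema.org/">the site</a><img src=x onerror=alert(\'XSS\')> &amp; more';
console.log(sanitizeHtml(sample));
```

In the Card component the call would wrap the JSON value, e.g. `dangerouslySetInnerHTML={{ __html: sanitizeHtml(summary) }}`, so every rendering path through `extended={true}` is covered rather than only the two pages listed above.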

Screenshots

Same as above.

Device Information [optional]

- OS: Ubuntu
- Browser: Brave
- version:

Are you working on this issue?

Yes

Do you think this work might require an [Architectural Decision Record (ADR)]? (significant or noteworthy)

No

Labels

  • Status: Accepted (it's clear what the subject of the issue is about, and what the resolution should be)
  • javascript (pull requests that update JavaScript code)
  • 🐛 Bug (indicates that the issue is a bug or defect)