[Bug]: Potential stored XSS

### Describe the bug

Creating/editing module we can edit main.vue, so it leads to stored XSS and also potential impact for interact with WebSocket using valid origin.
Potential impact: Low privilege user affect on high privilege
![image_2023-01-27_03-57-55](https://user-images.githubusercontent.com/33719402/217462029-c8f5322f-56df-43c8-a54a-29292ab5fcc2.png)


### Steps to Reproduce

1. Create/edit module
2. Edit main.vue and add for example: alert("xss") in script block
3. Open module and browser will render this main.vue
4. Get XSS alert, or interact with WebSocket using Cross-site Websocket Hijacking bug

[Place](https://github.com/vxcontrol/soldr/blob/38b606ec69971d67e866b1edff4083c6233d2353/pkg/app/api/server/proto/proto.go#L111) where not implemented origin check => CSWSH
Exploiting XSS we can interact with WS-server tusing valid origin, so better use CSRF-token to prevent this situations


### Screenshots, screen recording, code snippet
Get XSS alert
![image_2023-01-27_03-57-55](https://user-images.githubusercontent.com/33719402/221618595-1cdf1ea8-1193-431f-a128-009364de823e.png)


### Environment information

module version: 1.0.1

### Which agent binary used?

- [ ] darwin-amd64
- [ ] linux-386
- [ ] linux-amd64
- [ ] windows-386
- [x] windows-amd64

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Bug]: Potential stored XSS #89

Describe the bug

Steps to Reproduce

Screenshots, screen recording, code snippet

Environment information

Which agent binary used?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Bug]: Potential stored XSS #89

Description

Describe the bug

Steps to Reproduce

Screenshots, screen recording, code snippet

Environment information

Which agent binary used?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions