| عنوان | Juzaweb Juzaweb CMS 3.4.2 Cross-Site Scripting |
|---|
| الوصف | Vulnerability Description
This vulnerability allows an attacker with access to the profile page to upload a malicious SVG file, even with extension filters enabled.
Impact
By exploiting this vulnerability, the attacker can execute scripts that can lead to different malicious activities, such as redirects, malware installation, among others.
To reproduce:
1) Create a new user and add it to a role with all permissions disabled;
2) Log in with that user's account;
3) Access the "Profile" page;
4) Click on the "Avatar" field and select a malicious .svg file to be uploaded;
5) Intercept the upload request with a proxy, such as Burp Suite;
6) Change the value of the "type" parameter from "image" to "file" and continue with the request;
7) Note that even if an error is returned on the front-end, the file is uploaded on the "Media" page;
8) Directly accessing the file address and the malicious payload is triggered.
|
|---|
| المصدر | ⚠️ https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_avatar_xss.md |
|---|
| المستخدم | Anonymous User |
|---|
| ارسال | 24/05/2025 02:44 AM (1 سنة منذ) |
|---|
| الاعتدال | 01/06/2025 12:48 PM (8 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 310753 [juzaweb CMS حتى 3.4.2 Profile Page upload تحميل البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|