| عنوان | givanz VvvebJs 2.0.5 Stored XSS |
|---|
| الوصف | 1. Unauthenticated Access & Stored XSS:
- A critical vulnerability exists in the upload.php endpoint of VvvebJs. The endpoint completely lacks authentication and access control mechanisms by default.
- An unauthenticated, remote attacker can directly send a POST request to upload files. Furthermore, the endpoint fails to sanitize the contents of uploaded SVG (Scalable Vector Graphics) files.
2. Exploiting the Vulnerability:
- Because SVG is an XML-based format that supports embedded JavaScript via attributes like onload, an attacker can upload a maliciously crafted .svg file containing arbitrary JavaScript code.
- Once the file is uploaded, it is stored in the /media/ directory. When any user (including administrators) accesses the direct URL of the uploaded SVG file, their browser parses the file and executes the embedded JavaScript payload within the context of the application's domain. |
|---|
| المصدر | ⚠️ https://tcn60zf28jhk.feishu.cn/wiki/Cr4KwMPiMi65fFkI9Vyc3oX2n0f?from=from_copylink |
|---|
| المستخدم | EthX0_ (UID 96627) |
|---|
| ارسال | 22/03/2026 12:20 PM (26 أيام منذ) |
|---|
| الاعتدال | 05/04/2026 05:32 PM (14 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 355406 [givanz Vvvebjs حتى 2.0.5 File Upload Endpoint upload.php uploadAllowExtensions البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|