Soumettre #768030: Bytedesk <=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)information

TitreBytedesk <=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)
DescriptionThe authenticated file upload endpoint routes SVG files through UploadWatermarkService.addWatermarkToFile(), which writes the file to disk without stripping embedded JavaScript. The POC uploads an SVG containing <script>alert(...)></script> to POST /api/v1/upload/file; the server returns HTTP 200 and a public URL. Visiting the URL triggers Stored XSS, bypassing watermark processing without sanitization.
La source⚠️ https://github.com/Bytedesk/bytedesk/issues/19
Utilisateur
 ZAST.AI (UID 87884)
Soumission26/02/2026 07:03 (il y a 2 mois)
Modérer07/03/2026 21:23 (10 days later)
StatutAccepté
Entrée VulDB349727 [Bytedesk jusqu’à 1.3.9 SVG File UploadRestService.java handleFileUpload élévation de privilèges]
Points20

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!