yshopmall yshopmall V1.9.1 Incomplete Identification of Uploaded File Variables정보

제목	https://github.com/guchengwuyue/yshopmall yshopmall V1.9.1 Incomplete Identification of Uploaded File Variables
설명	From function co.yixiang.modules.system.rest.SysUserController#updateAvatar to function co.yixiang.utils.FileUtil#upload. Users can freely upload malicious files such as HTML and JSP, which can lead to XSS or even RCE vulnerabilities. Taint Propagation： SysUserController.updateAvatar() Line 205: @RequestParam MultipartFile file ↓ Line 206: userService.updateAvatar(file) ↓ SysUserServiceImpl.updateAvatar() Line 185: FileUtil.upload(multipartFile, avatar) ↓ FileUtil.upload() Line 163: File dest = new File(path).getCanonicalFile() ↓ Line 169: file.transferTo(dest)
원천	⚠️ https://github.com/guchengwuyue/yshopmall/issues/40
사용자	mukyuuhate (UID 93052)
제출	2026. 01. 27. PM 02:18 (3 개월 ago)
모더레이션	2026. 02. 07. AM 08:50 (11 days later)
상태	수락
VulDB 항목	344848 [guchengwuyue yshopmall 까지 1.9.1 co.yixiang.utils.FileUtil /api/users/updateAvatar 파일 권한 상승]
포인트들	20

Do you want to use VulDB in your project?

Use the official API to access entries easily!