Submeter #768030: Bytedesk <=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)informação

TítuloBytedesk <=1.3.9 Unrestricted Upload of File with Dangerous Type (CWE-434)
DescriçãoThe authenticated file upload endpoint routes SVG files through UploadWatermarkService.addWatermarkToFile(), which writes the file to disk without stripping embedded JavaScript. The POC uploads an SVG containing <script>alert(...)></script> to POST /api/v1/upload/file; the server returns HTTP 200 and a public URL. Visiting the URL triggers Stored XSS, bypassing watermark processing without sanitization.
Fonte⚠️ https://github.com/Bytedesk/bytedesk/issues/19
Utilizador
 ZAST.AI (UID 87884)
Submissão26/02/2026 07h03 (há 2 meses)
Moderação07/03/2026 21h23 (10 days later)
EstadoAceite
Entrada VulDB349727 [Bytedesk até 1.3.9 SVG File UploadRestService.java handleFileUpload Elevação de Privilégios]
Pontos20

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!