| Название | Juzaweb Juzaweb CMS 3.4.2 Cross-Site Scripting |
|---|
| Описание | Vulnerability Description
This vulnerability allows an attacker with access to the profile page to upload a malicious SVG file, even with extension filters enabled.
Impact
By exploiting this vulnerability, the attacker can execute scripts that can lead to different malicious activities, such as redirects, malware installation, among others.
To reproduce:
1) Create a new user and add it to a role with all permissions disabled;
2) Log in with that user's account;
3) Access the "Profile" page;
4) Click on the "Avatar" field and select a malicious .svg file to be uploaded;
5) Intercept the upload request with a proxy, such as Burp Suite;
6) Change the value of the "type" parameter from "image" to "file" and continue with the request;
7) Note that even if an error is returned on the front-end, the file is uploaded on the "Media" page;
8) Directly accessing the file address and the malicious payload is triggered.
|
|---|
| Источник | ⚠️ https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_avatar_xss.md |
|---|
| Пользователь | Anonymous User |
|---|
| Представление | 24.05.2025 02:44 (1 Год назад) |
|---|
| Модерация | 01.06.2025 12:48 (8 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 310753 [juzaweb CMS до 3.4.2 Profile Page upload Загрузить межсайтовый скриптинг] |
|---|
| Баллы | 20 |
|---|