| tiêu đề | Jawher Kl node-api-postgres 2.5 Unrestricted File Upload |
|---|
| Mô tả | A Critical Unrestricted File Upload vulnerability exists in the node-api-postgres application. In index.js, the POST /users/:id/profile-picture endpoint utilizes a locally instantiated multer configuration that completely omits the fileFilter and size limitations enforced elsewhere in the application. It preserves the original file extension using path.extname() and serves uploaded content statically via the /uploads directory. An attacker can bypass intended image restrictions to upload dangerous file types (such as .html or executable scripts), leading to Stored Cross-Site Scripting (XSS) or potential Remote Code Execution (RCE) depending on the server environment. |
|---|
| Nguồn | ⚠️ https://hackmd.io/@YzU_KiOzT86cEbFQdBceVg/Bk56LQQYbe |
|---|
| Người dùng | yeee3642 (UID 91336) |
|---|
| Đệ trình | 02/03/2026 16:16 (cách đây 2 các tháng) |
|---|
| Kiểm duyệt | 14/03/2026 23:40 (12 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 351098 [JawherKl node-api-postgres đến 2.5 Profile Picture index.js path.extname nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|