blogifierdotnet / Blogifier

Blogifier is an open-source publishing platform written in ASP.NET and Blazor WebAssembly. With Blogifier, make a personal blog or a website.
https://blogifier.net
MIT License

Stored XSS on upload files. #317

Closed tuando243 closed 2 years ago

tuando243 commented 2 years ago

Describe the bug: The web application allows image upload, and an attacker was able to upload a file containing HTML content. An XSS payload can be injected into the uploaded file.

Steps to reproduce

  1. Login as admin.
  2. Click on 'New post'.
  3. Click on 'Insert Image' and upload .html file with xss payload inside.
  4. View the file with path in response.

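The defensive counterpart to the report above, as an added example that is neither Blogifier's code nor the content of commit 97fcdac: an ASP.NET Core upload handler that only stores files whose extension is allowlisted and whose leading bytes match that image format, so a .html (or scriptable .svg) payload is rejected before it can be served back. The `api/upload` route, the `uploads` directory and the controller name are assumptions for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

public static class ImageUploadValidator
{
    // Extension -> accepted leading byte signatures ("magic bytes") for that format.
    // Only raster formats are listed: .html is absent, and .svg is deliberately
    // excluded because it can carry script.
    private static readonly Dictionary<string, byte[][]> Signatures =
        new(StringComparer.OrdinalIgnoreCase)
        {
            [".png"]  = new[] { new byte[] { 0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A } },
            [".jpg"]  = new[] { new byte[] { 0xFF, 0xD8, 0xFF } },
            [".jpeg"] = new[] { new byte[] { 0xFF, 0xD8, 0xFF } },
            [".gif"]  = new[] { Encoding.ASCII.GetBytes("GIF87a"), Encoding.ASCII.GetBytes("GIF89a") },
        };

    // True only when the extension is allowlisted AND the content starts with a
    // signature for that extension; a renamed HTML file fails the second check.
    public static bool IsAllowedImage(string fileName, Stream content)
    {
        var ext = Path.GetExtension(fileName);
        if (string.IsNullOrEmpty(ext) || !Signatures.TryGetValue(ext, out var sigs))
            return false;

        var head = new byte[8];
        int read = content.Read(head, 0, head.Length);
        content.Position = 0; // rewind so the caller can still persist the stream

        return sigs.Any(sig => read >= sig.Length && head.AsSpan(0, sig.Length).SequenceEqual(sig));
    }
}

[ApiController]
public class UploadController : ControllerBase // hypothetical controller
{
    [HttpPost("api/upload")] // assumed route
    public async Task<IActionResult> Upload(IFormFile file)
    {
        using var stream = file.OpenReadStream();
        if (!ImageUploadValidator.IsAllowedImage(file.FileName, stream))
            return BadRequest("Only PNG, JPEG or GIF images are accepted.");

        // Store under a server-generated name so the client never controls the path.
        var safeName = Guid.NewGuid().ToString("N") + Path.GetExtension(file.FileName).ToLowerInvariant();
        var target = Path.Combine("wwwroot", "uploads", safeName); // assumed directory
        await using var fs = System.IO.File.Create(target);
        await stream.CopyToAsync(fs);
        return Ok(new { path = "/uploads/" + safeName });
    }
}
```

Serving the upload directory with an `X-Content-Type-Options: nosniff` response header is a complementary layer, so a browser will not reinterpret a stored file as HTML even if validation is bypassed.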

rxtur commented 2 years ago

Fixed with commit 97fcdac