flatCore / flatCore-CMS

flatCore is a Web Content Management System (CMS) based on PHP and MySQL/SQLite.
https://flatcore.org
GNU General Public License v3.0

Store XSS in Edit picture/file function #66

Closed by PwnForCard 1 year ago

PwnForCard commented 3 years ago

Describe the bug

Stored XSS in Edit picture/file function

To Reproduce

Steps to reproduce the behavior:

  1. Use the account to log in to the admin interface
  2. Upload files or photos via the upload function
  3. In the file management interface, use the image or file information editing function
  4. Insert the XSS payload in the "Alt" field, then save
  5. The payload is executed

XSS Payload: "><img src=a onerror=alert(document.domain)>

  6. Then every time the image/file info editing function is used, the payload executes

patkon commented 3 years ago

Thank you for reporting. I'll fix that.

PwnForCard commented 3 years ago

Yeah, looking forward to hearing from you soon.
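
The mitigation for the behavior reported in this issue, as an added example (not flatCore's code and not the fix the maintainer applied): it assumes the stored "Alt" value is written back into a form input's `value` attribute, and all function names and markup here are hypothetical.

```php
<?php
// Added illustration, not flatCore code; function names and markup are hypothetical.

// Constructed sample: the "Alt" value from the report as read back from storage.
$storedAlt = '"><img src=a onerror=alert(document.domain)>';

// Before: the stored value is concatenated into the attribute as-is.
// Its leading "> ends value="..." and the <input> tag; the rest parses as markup.
function renderAltFieldUnsafe(string $alt): string
{
    return '<input type="text" name="alt" value="' . $alt . '">';
}

// After: encode for the HTML attribute context when writing the form.
// ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE keeps invalid bytes
// from turning the whole string into an empty result.
function renderAltFieldSafe(string $alt): string
{
    $encoded = htmlspecialchars($alt, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="alt" value="' . $encoded . '">';
}

// Run the fragment through an HTML parser and report what it contains:
// the number of <img> elements and the value the <input> ends up holding.
function inspectFragment(string $html): array
{
    $doc = new DOMDocument();
    @$doc->loadHTML('<html><body>' . $html . '</body></html>'); // tolerate malformed input
    $input = $doc->getElementsByTagName('input')->item(0);
    return [
        'img_elements' => $doc->getElementsByTagName('img')->length,
        'input_value'  => $input ? $input->getAttribute('value') : null,
    ];
}

foreach (['unsafe' => renderAltFieldUnsafe($storedAlt),
          'safe'   => renderAltFieldSafe($storedAlt)] as $label => $html) {
    $seen = inspectFragment($html);
    printf("%-6s %s\n", $label, $html);
    printf("       img elements: %d, value round-trips: %s\n",
        $seen['img_elements'],
        $seen['input_value'] === $storedAlt ? 'yes' : 'no');
}
```

Encoding at output time leaves the stored value untouched, so the same check has to be applied at every place the value is rendered, not only in the edit form.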