This is done by specifying an image file extension in the uploaded file title (e.g., uploading my-script.js as my-script.png). The browser still processes this as the given file extension (e.g., .png), so it's not actually executing any code. However, the file is able to be hosted, which feels like a vulnerability.
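A server-side check for the mismatch described above, as an added example that is not part of the original post: it compares the extension in the uploaded name with the file's leading signature bytes. The function names, the accepted formats and the sample inputs are assumptions made for illustration.

```python
import os

# Leading signature bytes of the image formats this example accepts.
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}
EXT_TO_TYPE = {".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif"}


def sniff_image_type(data: bytes):
    """Return the image type implied by the content, or None if unrecognized."""
    for kind, signatures in MAGIC.items():
        if any(data.startswith(sig) for sig in signatures):
            return kind
    return None


def validate_upload(filename: str, data: bytes):
    """Accept only files whose content matches the extension in their name."""
    ext = os.path.splitext(filename)[1].lower()
    claimed = EXT_TO_TYPE.get(ext)
    if claimed is None:
        return False, f"extension {ext or '(none)'} is not an allowed image type"
    actual = sniff_image_type(data)
    if actual is None:
        return False, f"content is not a recognized image (claimed {claimed})"
    if actual != claimed:
        return False, f"content is {actual} but name claims {claimed}"
    return True, "ok"


# Constructed sample inputs (hypothetical uploads, not real files).
PNG_BYTES = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\rIHDR" + b"\x00" * 17
JS_BYTES = b"console.log('hello');\n"
GIF_BYTES = b"GIF89a" + b"\x00" * 10

if __name__ == "__main__":
    for name, body in [("logo.png", PNG_BYTES), ("my-script.png", JS_BYTES),
                       ("anim.png", GIF_BYTES), ("my-script.js", JS_BYTES)]:
        print(name, validate_upload(name, body))
```

A signature check confirms only the leading bytes; fully decoding or re-encoding the image on the server is a stronger check, and serving uploads with `X-Content-Type-Options: nosniff` keeps the browser to the declared content type.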