Stored XSS viva .svg file upload in causefx/organizr
Apr 10th 2022
The application allows .svg files to upload which leads to stored XSS
Proof of Concept
1.Download the payload from this link:- https://drive.google.com/file/d/1c1BP5bxXBxtwLfRJTrEPgMWK1yVFDF2R/view?usp=sharing
2.Login to the application with Co-admin account and go to "Settings" -> "Image Manager" and upload the downloaded "XSS.svg" payload.
3.Then login with admin account and go to "Settings" -> "Image Manager" and select the "XSS.svg" and open it on a new tab or open the uploaded location you will see that XSS will trigger and this can lead to the admin account takeover.
This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.