Stored XSS viva .svg file upload in causefx/organizr
Apr 10th 2022
The application allows .svg files to upload which leads to stored XSS
Proof of Concept
1.Download the payload from this link:- https://drive.google.com/file/d/1c1BP5bxXBxtwLfRJTrEPgMWK1yVFDF2R/view?usp=sharing
2.Login to the application with Co-admin account and go to "Settings" -> "Image Manager" and upload the downloaded "XSS.svg" payload.
3.Then login with admin account and go to "Settings" -> "Image Manager" and select the "XSS.svg" and open it on a new tab or open the uploaded location you will see that XSS will trigger and this can lead to the admin account takeover.
This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
My mistake, please change the severity as said by researcher and award the bounty
forgot to tag @admin sorry about that.
CVSS score should be: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H admin please change it
@admin Can you assign CVE to this report as the @maintainer agree
@admin you can assign CVE for this report