Multiple stored XSS via uploaded SVG file and attachment file name in neorazorx/facturascripts
Apr 27th 2022
Hi there, FacturaScripts is vulnerable to stored XSS through two vectors: uploading an SVG file, and the file name of an uploaded attachment.
Steps to reproduce with an SVG file
Login as admin or any account has role Admin->Library, access Admin -> library -> New and upload file svg with content:
Save it. The XSS is triggered when the file is downloaded.
Steps to reproduce with a file name payload:
Upload any file whose name is:
%22><img src=x onerror=alert(document.cookie).xlsx -> the XSS is triggered
This vulnerability has the potential to deface the site, compromise user accounts, and run attacker-controlled script in the application's pages, which can lead to a compromise of the user's device.
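The two fixes a maintainer would apply for the vectors above, as an added example that is not FacturaScripts' own code: escape attachment names on output (and tighten them on storage), and serve uploaded SVG files as downloads under a restrictive policy instead of rendering them in the application's origin. The function names and the sample file name are assumptions constructed for this example.

```python
import html
import re
import unicodedata

# Constructed sample input (not from the project): the decoded form of the
# file-name vector described in the report above.
SAMPLE_FILENAME = '"><img src=x onerror=alert(document.cookie)>.xlsx'

# Types that a browser will execute script from when rendered inline.
ACTIVE_TYPES = {"image/svg+xml", "text/html", "application/xhtml+xml"}


def sanitize_stored_filename(name: str, max_len: int = 100) -> str:
    """Reduce an uploaded file name to a safe subset before storing it.

    Drops any path component, keeps only letters, digits, '.', '-' and '_',
    and collapses every other run of characters into a single underscore.
    """
    name = unicodedata.normalize("NFKC", name)
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    name = re.sub(r"[^A-Za-z0-9._-]+", "_", name).strip("._")
    return (name or "file")[:max_len]


def render_filename(name: str) -> str:
    """Escape a file name for insertion into HTML text or a quoted attribute.

    This is the actual fix for the file-name vector: the stored name may be
    anything, but it must never reach the page unescaped.
    """
    return html.escape(name, quote=True)


def download_headers(filename: str, content_type: str) -> dict:
    """Response headers for serving a user upload.

    Active content (SVG, HTML) is forced to download as an opaque blob; every
    upload gets nosniff and a sandboxing CSP so nothing runs in the app origin.
    """
    headers = {
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
        "Content-Disposition": (
            f'attachment; filename="{sanitize_stored_filename(filename)}"'
        ),
        "Content-Type": content_type,
    }
    if content_type in ACTIVE_TYPES:
        headers["Content-Type"] = "application/octet-stream"
    return headers
```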