Cross-site Scripting (Stored XSS) in omeka/omeka-s
Aug 2nd 2023
For any role that has permission to execute function assets, I can add a new asset. Even though the site only allows uploading images and GIFs, I can still upload an HTML file by modifying the magic number, and that leads to XSS.
Proof of Concept
- Link PoC: https://docs.google.com/document/d/1LIADzS1q4rIhbCT_xSXzSdEiH9b6KYdgkSgMazRxB3A/edit?usp=sharing
- Link video PoC: https://photos.app.goo.gl/CtUgrWiarz93ULsG6
Through this vulnerability, an attacker is capable of executing malicious scripts.
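The upload check described in this report, sketched beside a stricter one, as an added example that is not part of the original report and is not Omeka S code. The function names, the type tables and the sample upload are assumptions constructed for illustration; the stricter check requires the file extension to agree with the type sniffed from the magic number, so a file that carries image magic bytes but an `.html` name is refused.

```python
import os

# Leading bytes ("magic numbers") of the image types the upload form accepts.
MAGIC = {
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
}
# Extensions permitted for each sniffed type (hypothetical allowlist).
EXTENSIONS = {
    "image/gif": {".gif"},
    "image/png": {".png"},
    "image/jpeg": {".jpg", ".jpeg"},
}


def sniff_media_type(data):
    """Return the image type implied by the leading bytes, or None."""
    for magic, media_type in MAGIC.items():
        if data.startswith(magic):
            return media_type
    return None


def weak_accept(filename, data):
    """Magic-number-only check: the file name is never examined."""
    return sniff_media_type(data) is not None


def strict_accept(filename, data):
    """Return the media type to store and serve, or raise ValueError."""
    media_type = sniff_media_type(data)
    if media_type is None:
        raise ValueError("content is not an accepted image type")
    # splitext takes the final extension, so "a.gif.html" yields ".html".
    ext = os.path.splitext(filename)[1].lower()
    if ext not in EXTENSIONS[media_type]:
        raise ValueError(f"extension {ext!r} does not match {media_type}")
    return media_type


def serving_headers(media_type):
    """Headers that stop a browser from re-interpreting the stored asset."""
    return {"Content-Type": media_type, "X-Content-Type-Options": "nosniff"}


# Constructed sample: GIF magic number followed by markup, named .html.
SAMPLE_NAME = "asset.html"
SAMPLE_DATA = b"GIF89a<html><body>rendered as a page</body></html>"
```

`weak_accept(SAMPLE_NAME, SAMPLE_DATA)` returns `True`, while `strict_accept` raises `ValueError` for the same upload.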