Stored XSS due to setting the text/xml MIME type for XML files in neorazorx/facturascripts
May 11th 2022
Hi, the patch for the previous XSS vulnerability, "Cross-site scripting - Reflected via upload .xml file", looks incomplete.
It only sets the MIME type to text/xml for XML files to avoid XSS. However, this type can also be used to perform XSS.
Proof of Concept
Upload the following file with
Stored XSS allows attackers to perform arbitrary actions on behalf of victims on the client side.
It can also be used to redirect users to malicious sites for phishing, etc.
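
One way to close the gap described above is to stop serving uploaded XML as a renderable document at all, rather than only changing its MIME type. The following is an added example, not code from facturascripts or from the report; the function name `uploadResponseHeaders`, the `ACTIVE_TYPES` list and the sample file names are assumptions made for illustration, and it requires PHP 8 for `str_ends_with`.

```php
<?php
declare(strict_types=1);

// MIME types a browser may render inline as an active document.
// Constructed list for this example; extend it to match your upload policy.
const ACTIVE_TYPES = [
    'text/html', 'application/xhtml+xml', 'text/xml',
    'application/xml', 'image/svg+xml',
];

/**
 * Hypothetical helper: response headers for serving a user-uploaded file.
 * $storedMime is the type recorded for the file at upload time.
 */
function uploadResponseHeaders(string $fileName, string $storedMime): array
{
    // Drop parameters such as "; charset=utf-8" before comparing.
    $mime = strtolower(trim(explode(';', $storedMime)[0]));
    // Any "+xml" type (for example application/rss+xml) is parsed as XML too.
    $active = in_array($mime, ACTIVE_TYPES, true) || str_ends_with($mime, '+xml');

    // Keep only characters that cannot break out of the quoted filename.
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($fileName));

    $headers = [
        // Active types are downgraded to an opaque download type.
        'Content-Type' => $active ? 'application/octet-stream' : $mime,
        // Stop the browser from sniffing the body back into a renderable type.
        'X-Content-Type-Options' => 'nosniff',
        // "sandbox" without allow-scripts: no script runs even if rendered.
        'Content-Security-Policy' => "default-src 'none'; sandbox",
    ];
    if ($active) {
        // Force a download instead of rendering in the application's origin.
        $headers['Content-Disposition'] = 'attachment; filename="' . $safeName . '"';
    }
    return $headers;
}

// Constructed sample inputs: one XML upload, one ordinary image.
foreach ([['invoice.xml', 'text/xml'], ['logo.png', 'image/png']] as [$name, $mime]) {
    echo $name, PHP_EOL;
    foreach (uploadResponseHeaders($name, $mime) as $key => $value) {
        echo "  $key: $value", PHP_EOL;
    }
}
```

Serving uploads from a separate origin that holds no session cookies gives the same protection at the architecture level and can be combined with these headers.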