Unrestricted Image Upload in causefx/organizr

Valid

Reported on

Apr 15th 2022


Description

When testing file upload function in Organizr (2.1.1830), there are improvement on image upload features in Image Manager. But user can bypass it by identify double extension file type method

Proof of Concept

  1. Login and go to Settings -> Image Manager
  2. Upload file with double extension jpg/png ** test on php & svg file

Screenshot

  1. version
  2. burp
  3. file upload

Impact

This is not the security issues since all those file uploaded being tested cannot be execute. This flaws allow user to upload another file that no need for the application.

We are processing your report and will contact the causefx/organizr team within 24 hours. a month ago
causefx validated this vulnerability a month ago
din has been awarded the disclosure bounty
The fix bounty is now up for grabs
causefx
a month ago

Maintainer


i will move over to mime type checking....

din
a month ago

Researcher


Thanks for validating this

We have sent a fix follow up to the causefx/organizr team. We will try again in 7 days. a month ago
causefx confirmed that a fix has been merged on 513aec a month ago
causefx has been awarded the fix bounty
to join this conversation