Unrestricted Upload of File with Dangerous Type in fisharebest/webtrees
Oct 9th 2021
The program allows to upload files with dangerous file types in the media upload section, leading to XSS and other exploits like shell uploads, HTML injection leading to Social Engineering attacks, etc ..., I have demonstrated HTML file upload leading to XSS here.
Proof of Concept
move to link upload an HTML file with and view it. XSS will be triggered
XSS, shell uploads, HTML injection
if shell are uploaded
For html pages there is need of user interaction to trigger the payload. I will update here about the shell upload after sometime.
OK - can you provide a POC for the shell upload, or update the description to remove it. Thanks
I think shell upload is not possible I will remove it from the description. and I was not able to recreate the XSS hope you have fixed it but still HTML injection is possible.
@maintainer - the researcher has requested a CVE to be created for this report. Are you happy to go ahead with this?