XWIKI-21769 (XWiki Platform)

Self XSS in the attached filename



    Description

      An attacker can convince a victim to upload an attachment with a malicious filename in order to trigger an XSS vulnerability.

      Below is a detailed replication guide.

      1. Log in to the XWiki instance, go to the path `/bin/view/Main/#Attachments` and click on the Browse button.
      2. Upload a file with the filename `"><img src=x onerror='alert(1)'>.txt`; this triggers the XSS vulnerability.
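A defender-side illustration of the root cause and the fix, added here and not taken from XWiki's code: the attachment filename reported above is rendered into an HTML attachment list once by plain string concatenation and once with context-appropriate encoding, and a small tag counter shows the difference. The download path, the helper names and the escaping table are assumptions for the example.

```javascript
// Added example (not XWiki's code): rendering an attachment filename into an
// HTML attachment list without letting it inject markup. The filename is the
// one from this report; the download path and helper names are assumptions.

// Every character that can change HTML text or attribute context, mapped to
// its entity. Single quotes are included because attribute values may be
// single-quoted in some templates.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Unsafe rendering: the filename is concatenated into markup as-is. A filename
// that starts with "> closes the href attribute and the <a> start tag, so the
// browser parses the remainder of the filename as a new element.
function renderAttachmentUnsafe(filename) {
  return `<a href="/download/Main/WebHome/${filename}">${filename}</a>`;
}

// Fixed rendering: the same template, but each interpolation is encoded for
// the context it lands in. The path segment gets percent-encoding, and both
// the attribute value and the text node get HTML escaping.
function renderAttachmentSafe(filename) {
  const href = '/download/Main/WebHome/' + encodeURIComponent(filename);
  return `<a href="${escapeHtml(href)}">${escapeHtml(filename)}</a>`;
}

// Minimal check over rendered output: count start tags. A single attachment
// link should yield exactly one.
function countStartTags(html) {
  return (html.match(/<[a-zA-Z]/g) || []).length;
}

// Constructed input: the filename from this report.
const REPORTED_FILENAME = `"><img src=x onerror='alert(1)'>.txt`;

console.log('unsafe tags:', countStartTags(renderAttachmentUnsafe(REPORTED_FILENAME)));
console.log('safe tags:  ', countStartTags(renderAttachmentSafe(REPORTED_FILENAME)));
```

The tag counter is a review aid, not a sanitizer: the fix is to encode at the point of output, in every template that prints a filename, rather than to reject filenames that look suspicious.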

      Attachments

        1. image-2024-01-08-13-13-55-687.png (155 kB, Georgios Roumeliotis)
        2. image-2024-01-08-13-17-59-614.png (100 kB, Georgios Roumeliotis)
        3. image-2024-01-08-13-19-14-017.png (142 kB, Georgios Roumeliotis)

      People

        Michael Hamann (MichaelHamann)
        Georgios Roumeliotis (groumeliotis)