Slack: a stored xss issue in https://files.slack.com

2016-07-03T10:21:45
ID H1:149011
Type hackerone
Reporter securitythinker
Modified 2017-06-25T00:03:08

Description

when making a BoxNote snippet with this xss payload: XSS") ;</script> <img src="<img src=search"/onerror=alert(document.domain)//"> "><marquee>

when snippet made: and use the "view raw" xss payload will be executed

my ex: link where xss payload executed: https://files.slack.com/files-pri/T027N7MK3-F1NCA92JF/XSS__script_img_srcimgsrc_searchonerror_alert__Xss____marquee__boxnote.boxnote

that link will be executed in entire team mate that could probably used in exploitation.