Slack: Stored XSS in www.slack-files.com

2014-03-01T21:29:41
ID H1:2617
Type hackerone
Reporter prakharprasad
Modified 2014-05-23T22:59:09

Description

Hi,

We can create posts under https://subdomain.slack.com/files/create/post

The post will have an XSS payload like "><img src=x onerror=alert(10);> in the title and body.

We save it and hit "Create public link", and once we share the link it will trigger the XSS.

Example/POC: https://slack-files.com/T025LLJ2X-F025N8W7W-3a5691

Thanks

Prakhar Prasad
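Added example (not Slack's code and not part of the report): a minimal public-link page renderer for a file post's title and body, shown once without escaping and once with context-aware HTML escaping, checked against the payload from the report. The template markup is a hypothetical stand-in for the real page.

```javascript
// Added example: render a file post's title and body into the public-link
// page. The unsafe variant interpolates user input directly into markup; the
// hardened variant escapes every interpolation point for its HTML context.

// Constructed sample input using the payload quoted in the report.
const PAYLOAD = '"><img src=x onerror=alert(10);>';

// Escape a string for use as HTML text content or inside a double-quoted
// attribute value. Covers the five characters that can change HTML context.
function escapeHtml(str) {
  return String(str)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable rendering: the title lands in an attribute and in element text,
// and the body in element text, all unescaped (hypothetical template).
function renderPostUnsafe(post) {
  return `<div class="post" title="${post.title}"><h1>${post.title}</h1><p>${post.body}</p></div>`;
}

// Hardened rendering: same template, every user-controlled value escaped.
function renderPostSafe(post) {
  const t = escapeHtml(post.title);
  const b = escapeHtml(post.body);
  return `<div class="post" title="${t}"><h1>${t}</h1><p>${b}</p></div>`;
}

// Defender-side check: does the rendered markup contain any tag beyond the
// fixed template tags? If so, user input escaped its context.
function containsInjectedTag(html) {
  const allowed = new Set(['div', '/div', 'h1', '/h1', 'p', '/p']);
  const tags = html.match(/<\/?[a-zA-Z][^\s>]*/g) || [];
  return tags.some((tag) => !allowed.has(tag.slice(1).toLowerCase()));
}

const post = { title: PAYLOAD, body: PAYLOAD };
console.log(containsInjectedTag(renderPostUnsafe(post))); // true
console.log(containsInjectedTag(renderPostSafe(post)));   // false
```

The `containsInjectedTag` check is a cheap regression test for a template, not a sanitizer; the fix is the escaping in `renderPostSafe`.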