File Upload Restriction Bypass leading to Stored XSS Vulnerability

Main / File Upload Restriction Bypass leading to Stored XSS Vulnerability

Discription

# Description
File Upload Restriction Bypass leading to Stored XSS Vulnerability, by leveraging file extension **vbhtm, vbhtml, soap, even any extension ends with html (e.g. aahtml, bbhtml)**

# Proof of Concept
Step 1) Access https://www.showdoc.com.cn/attachment/index

Step 2) Prepare a file with content below and named as xss.vbhtm to upload

Step 3) Click check

XSS will be triggered
![image](https://user-images.githubusercontent.com/21979646/158064002-eebada17-7500-46e3-ae33-3a837d813c1f.png)
# Impact
An attacker could leverage this to perform social engineering and thereby stealing victim’s cookie etc.Read More

References

Back to Main

Subscribe for the latest news: