File Upload Restriction Bypass leading to Stored XSS Vulnerability
Discription
# Description
File Upload Restriction Bypass leading to Stored XSS Vulnerability, by leveraging file extension **vbhtm, vbhtml, soap, even any extension ends with html (e.g. aahtml, bbhtml)**
# Proof of Concept
Step 1) Access https://www.showdoc.com.cn/attachment/index
Step 2) Prepare a file with content below and named as xss.vbhtm to upload
Step 3) Click check
XSS will be triggered
![image](https://user-images.githubusercontent.com/21979646/158064002-eebada17-7500-46e3-ae33-3a837d813c1f.png)
# Impact
An attacker could leverage this to perform social engineering and thereby stealing victim’s cookie etc.Read More
References
Back to Main