CVE-2022-1345: Stored XSS via .svg file upload in organizr

Stored XSS via .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. An attacker who can upload an image can execute arbitrary script in the browser of any user who opens the uploaded file, which can lead to session hijacking, sensitive data exposure and admin account takeover.


Description

The Image Manager accepts .svg uploads. An SVG file is an XML document that may contain script elements and event-handler attributes, and the application stores and serves the file as uploaded, so the script executes in the browser of any user who opens it. This is a stored XSS.

Proof of Concept

1. Download the payload from this link: https://drive.google.com/file/d/1c1BP5bxXBxtwLfRJTrEPgMWK1yVFDF2R/view?usp=sharing

2. Log in to the application with a Co-admin account, go to “Settings” -> “Image Manager” and upload the downloaded “XSS.svg” payload.

3. Log in with an admin account, go to “Settings” -> “Image Manager”, select “XSS.svg” and open it in a new tab (or browse directly to the location where it was uploaded). The script embedded in the SVG executes in the admin's browser, which can lead to admin account takeover.

PoC video:

https://drive.google.com/file/d/1jdjUHuQPG0xVR3pImcg3vT4cuxhIEuBi/view?usp=sharing
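The root cause is that an SVG is XML that browsers will execute when navigated to directly, so an "image" upload check that looks only at the extension or MIME type does nothing. The following is an added example, not organizr's code and not the payload linked above: a server-side check that rejects SVG uploads carrying script content, run against two constructed sample files (one benign icon, one of the kind that triggers this bug).

```python
"""Added example (not organizr's code): reject script-bearing SVG uploads.

Both sample files below are constructed for this example; neither is the
XSS.svg payload the advisory links to.
"""
import xml.etree.ElementTree as ET

# Constructed sample: the shape of "image" that produces the stored XSS when
# an admin opens it in a new tab (step 3 of the PoC).
SAMPLE_MALICIOUS_SVG = b"""<?xml version="1.0"?>
<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1">
  <script>alert(document.cookie)</script>
  <rect width="1" height="1" onload="alert(1)"/>
</svg>
"""

# Constructed sample: a plain icon that a validator must still accept.
SAMPLE_BENIGN_SVG = b"""<?xml version="1.0"?>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">
  <circle cx="5" cy="5" r="4" fill="#09f"/>
</svg>
"""

# Elements that can execute script or embed foreign (HTML) content.
DANGEROUS_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}


def _local(qualified_name: str) -> str:
    """Strip the ElementTree namespace prefix ("{uri}tag" -> "tag")."""
    return qualified_name.rsplit("}", 1)[-1].lower()


def svg_findings(data: bytes) -> list:
    """Return the reasons an uploaded SVG should be rejected; [] means clean."""
    findings = []
    # Refuse DTD entity declarations outright (XXE / entity-expansion tricks).
    if b"<!ENTITY" in data.upper():
        findings.append("DOCTYPE with entity declarations")
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if _local(root.tag) != "svg":
        findings.append(f"root element is <{_local(root.tag)}>, not <svg>")
    for elem in root.iter():
        name = _local(elem.tag)
        if name in DANGEROUS_TAGS:
            findings.append(f"disallowed element <{name}>")
        for attr, value in elem.attrib.items():
            aname = _local(attr)
            # onload=, onclick=, ... run script when the file is rendered as a document.
            if aname.startswith("on"):
                findings.append(f"event handler attribute {aname}= on <{name}>")
            # href / xlink:href pointing at javascript: or data: URLs.
            elif aname == "href" and value.strip().lower().startswith(("javascript:", "data:")):
                findings.append(f"{aname} with {value.split(':', 1)[0]}: URL on <{name}>")
    return findings


def is_safe_svg(data: bytes) -> bool:
    """True only when svg_findings() reports nothing."""
    return not svg_findings(data)


if __name__ == "__main__":
    for label, sample in (("benign", SAMPLE_BENIGN_SVG), ("malicious", SAMPLE_MALICIOUS_SVG)):
        print(label, "->", "accept" if is_safe_svg(sample) else svg_findings(sample))
```

Rejecting at upload time is the fix for the bug itself; the defence-in-depth caveat is on the serving side. If user uploads are served from the application's origin at all, send them with `Content-Disposition: attachment` (direct navigation downloads the file instead of rendering it) and `Content-Security-Policy: default-src 'none'; sandbox` together with `X-Content-Type-Options: nosniff`, so that a file that slips past the validator still cannot run script with the admin's session. An SVG referenced from an `<img>` tag never executes script; the PoC works precisely because the file is opened as a top-level document.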

Impact

A Co-admin (or anyone else permitted to upload images) can place script in the application that runs in the browser of any user who opens the file, including the admin. Because the script runs in the application's origin with the victim's session, this can lead to session hijacking, sensitive data exposure and admin account takeover.
