First published: Sat Jun 02 2018(Updated: )
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Pagekit pagekit | <=1.0.13 | |
composer/pagekit/pagekit | =1.0.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.