Pagekit Stored Cross-site Scripting
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Apr 24, 2024
Description
Published by the National Vulnerability Database
Jun 2, 2018
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Apr 24, 2024
Last updated
Apr 24, 2024
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack.
References