Impact
The file upload interface is not checked for permissions, so users who are not logged in can upload any file directly to the background, and the file type is not checked, so they can upload any type of file.
Vulnerable interface: static/resource/upload/.
-
Upload an html to static/resource/upload/interface, the javascript in the html is used to pop up the cookie, after deleting the cookie, the upload can still be successful.

-
Upload the file name b1ace870-c3d6-11ed-9218-a9fe7c2f5491, just don't repeat the file name
-
The files are uploaded and stored in the static-resource directory, visit http://192.168.253.1:8091/static-resource/b1ace870-c3d6-11ed-9218-a9fe7c2f5491.html
Popped up cookie information, forming a stored XSS vulnerability

Affected versions: <= 1.18.4
Patches
The vulnerability has been fixed in v1.18.5.
Workarounds
It is recommended to upgrade the version to v1.18.5.
References
If you have any questions or comments about this advisory:
Open an issue in https://github.com/dataease/dataease
Email us at wei@fit2cloud.com
Impact
The file upload interface is not checked for permissions, so users who are not logged in can upload any file directly to the background, and the file type is not checked, so they can upload any type of file.
Vulnerable interface: static/resource/upload/.
Upload an html to static/resource/upload/interface, the javascript in the html is used to pop up the cookie, after deleting the cookie, the upload can still be successful.

Upload the file name b1ace870-c3d6-11ed-9218-a9fe7c2f5491, just don't repeat the file name
The files are uploaded and stored in the static-resource directory, visit http://192.168.253.1:8091/static-resource/b1ace870-c3d6-11ed-9218-a9fe7c2f5491.html

Popped up cookie information, forming a stored XSS vulnerability
Affected versions: <= 1.18.4
Patches
The vulnerability has been fixed in v1.18.5.
Workarounds
It is recommended to upgrade the version to v1.18.5.
References
If you have any questions or comments about this advisory:
Open an issue in https://github.com/dataease/dataease
Email us at wei@fit2cloud.com