Store XSS in dotAdmin/#/c/c_Images on dotcms:21.05.1

[r0ck3t1973]

Describe the bug
Hi Team
I found small a store xss in dotAdmin/#/c/c_Images
install: Docker: dotcms/dotcms:21.05.1

To Reproduce

1. Login Admin panel
2. Go to 'dotAdmin/#/c/c_Images'
3. Click on 'Add new content'
4. Parameter: 'Title' and 'Filename"
5. Insert Payload Store XSS: " foo / bar"
6. Click 'Choose File' and BOOM XSS
7. Save and refersh store XSS

impact
Commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site.

Screenshots

Desktop (please complete the following information):

• OS: Win 10
• Browser Chrome: Version 91.0.4472.77 (Official Build) (64-bit)

[wezell]

This is a known issue with some of the older admin screens and takes administrative access to exploit. Additionally, dotCMS does not allow http-referers from outside of the known list of sites that it serves, which prevents XSS vulnerabilities like these from being exploitable in the wild.

https://dotcms.com/security/SI-16

[r0ck3t1973]

CVE-2021-35358