After the admin opens the vendor application by clicking the Edit button, the uploaded file is generated; the final file path has the format /images/thumbs/{id-Vendor.Name-100.Content-Type-extension}
The id parameter is a 7-digit auto-incremented number, so it is easy to guess or brute-force.
Special characters in the user-supplied Vendor.Name are filtered, so I just put alphabet characters here to keep the output unchanged.
Content-Type is text/html => the Content-Type extension is html.
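To make the naming scheme above concrete from the defender's side, here is an added example (not nopCommerce's code) that models the pattern the report describes beside a hardened variant. The `weak_upload_path` function reproduces the reported behaviour: a sequential id, a vendor name stripped of special characters, and an extension copied from the client's Content-Type header. The `safe_upload_path` function instead sniffs the file's leading bytes, requires the declared type to match, maps only allowlisted image types to an extension, and names the file with a random token. The allowlist, magic-number table and function names are assumptions for this example.

```python
import re
import secrets

# Allowlist: sniffed MIME type -> extension the server will use. Anything else is rejected.
# These values are assumptions for this example, not nopCommerce's configuration.
ALLOWED_IMAGE_TYPES = {
    "image/png": "png",
    "image/jpeg": "jpg",
    "image/gif": "gif",
}

# Leading bytes ("magic numbers") of the allowed image formats (constructed table).
MAGIC_NUMBERS = [
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
]


def weak_upload_path(record_id: int, vendor_name: str, content_type: str) -> str:
    """Naming scheme the report describes (modelled here, not nopCommerce's code):
    sequential id, vendor name stripped of special characters, and the extension
    taken straight from the client-supplied Content-Type header."""
    filtered_name = re.sub(r"[^A-Za-z0-9]", "", vendor_name)
    extension = content_type.split("/")[-1]          # text/html -> "html"
    return f"/images/thumbs/{record_id:07d}-{filtered_name}-100.{extension}"


def sniff_image_type(data: bytes):
    """Return the image MIME type implied by the file's leading bytes, or None."""
    for magic, mime in MAGIC_NUMBERS:
        if data.startswith(magic):
            return mime
    return None


def safe_upload_path(content_type: str, data: bytes) -> str:
    """Hardened version: the stored name depends only on the sniffed content and a
    random token, never on the client's Content-Type, the vendor name or a guessable id."""
    sniffed = sniff_image_type(data)
    if sniffed is None:
        raise ValueError("upload rejected: content is not a recognised image")
    if content_type != sniffed:
        raise ValueError(f"upload rejected: declared {content_type!r} but content is {sniffed!r}")
    extension = ALLOWED_IMAGE_TYPES[sniffed]
    return f"/images/thumbs/{secrets.token_hex(16)}.{extension}"


def check_upload(content_type: str, data: bytes):
    """Convenience wrapper returning (accepted, path_or_reason)."""
    try:
        return True, safe_upload_path(content_type, data)
    except ValueError as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs: a minimal PNG header and a plain HTML document.
    png_bytes = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    html_bytes = b"<!doctype html><p>hello</p>"
    print("weak :", weak_upload_path(1234567, "Acme Inc!", "text/html"))
    print("safe :", check_upload("text/html", html_bytes))
    print("safe :", check_upload("image/png", png_bytes))
```

The hardened path also stops the browser from rendering a stored file as HTML only if the server serves it with the image Content-Type it sniffed; pairing the allowlist with a `Content-Disposition: attachment` or `X-Content-Type-Options: nosniff` response header on the thumbs route closes the remaining gap.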
nopCommerce version: 4.50.1
Steps to reproduce the problem:
Impact: Unrestricted File Upload in the Apply for vendor account feature, leading to Stored XSS