Stored XSS in EPESI (2)

pabstersac

There is another stored XSS when uploading files, this is because of incorrect file name handling when showing the file name.

Steps to reproduce:
1) Add a note to anyting (for example a bug Ticket)
2) Upload a file
3) Create a file called <img src=x onerror=alert(0)>.log
4) Upload <img src=x onerror=alert(0)>.log
5) XSS will be executed, then click on Save
6) Anyone that views the note will get the xss executed

Thank you!

michal_zieba

Hello,

This XSS vulnerability has been fixed in our latest release, 1.8.2.5. Thank you very much for taking part in our community.

https://github.com/Telaxus/EPESI
https://sourceforge.net/projects/epesi/

Regards

pabstersac

Hello,

Is there a CVE identifier for this vulnerability?

Sincerely,
Pablo

Epesi ENS | Epesi Academy | epesi.cloud PaaS | GitHub

Help Me! | Download from SourceForge