
CVE-2022-4605 – FlatPress

RCE – Remote Code Execution

FlatPress has a file upload feature (“uploader”) and displays uploaded files in the “media manager”. Because SVG files are accepted, a user can upload an SVG containing script and perform a stored XSS attack. Copy the following code and save it as filename.svg.

POC – Proof of concept

PAYLOAD: <x:script xmlns:x="http://www.w3.org/1999/xhtml">alert(document.domain)</x:script>
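Added defensive example, not code from FlatPress or from the advisory: a Python check an upload handler could run on an SVG before storing it. It parses the file as XML and rejects `script` (and similar active) elements in any namespace, which is what the payload above relies on, plus `on*` event-handler attributes and `javascript:` hrefs. The sample inputs are constructed for this example; the first one is the advisory payload itself, which is already a well-formed XML document.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs for this example (not taken from FlatPress).
PAYLOAD_SVG = '<x:script xmlns:x="http://www.w3.org/1999/xhtml">alert(document.domain)</x:script>'
BENIGN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
HANDLER_SVG = '<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"><rect/></svg>'
HREF_SVG = ('<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
            '<a xlink:href="javascript:alert(1)"><text>x</text></a></svg>')

# Elements that can carry script or embed foreign (HTML) content inside an SVG.
ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}


def local_name(qname: str) -> str:
    """Strip the {namespace} prefix ElementTree puts on namespaced tags/attributes."""
    return qname.rsplit("}", 1)[-1].lower()


def svg_findings(data: str) -> list[str]:
    """Return the reasons an SVG upload should be rejected; an empty list means clean."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        # Unparsable input is rejected rather than passed through to the browser.
        return [f"unparsable XML: {exc}"]
    findings = []
    for el in root.iter():
        name = local_name(el.tag)
        # Matching on the local name catches <script> in any namespace,
        # including the XHTML namespace used by the advisory payload.
        if name in ACTIVE_ELEMENTS:
            findings.append(f"active element <{name}>")
        for attr, value in el.attrib.items():
            aname = local_name(attr)
            if aname.startswith("on"):
                findings.append(f"event handler {aname} on <{name}>")
            elif aname == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: URL on <{name}>")
    return findings


def is_safe_svg(data: str) -> bool:
    """True when no active content was found; the upload handler can store the file."""
    return not svg_findings(data)
```

A check like this complements, rather than replaces, serving user uploads from a separate origin or with a Content-Security-Policy that forbids inline script.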

Impact

If an attacker can get the script executed in a victim’s browser via the uploaded SVG file, they may compromise that user, for example by stealing their session cookies.

Severity

https://cvss.js.org/#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-4605

https://huntr.dev/bounties/df455d44-0dec-470c-b576-8ea86ec5a367/

https://github.com/flatpressblog/flatpress