
CVE-2022-4690 – Usememos

Stored XSS

Usememos lets users upload files to a post and displays them. An uploaded SVG is stored unmodified and served back from a direct link, so a crafted SVG that carries script (or a javascript: link) is rendered as a document in the browser of anyone who opens that link and its script executes: a stored XSS.

POC – Proof of concept

  • Log in as a regular user.
  • Create a new post and upload the crafted SVG file.
  • Save the post.
  • Copy the direct link of the uploaded image and open it in a new tab.
  • The payload executes (example link: https://<yoursite>/o/r/8/filename.svg).
PAYLOAD: javascript:alert(document.cookie)
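The following Go program is an added example, not code from the memos project or from the original report. It shows the two places the defect can be closed: an upload-time check that refuses SVGs carrying script, event handlers, or javascript: links, and a serve-time header policy for the direct-link route that makes a navigated SVG download instead of render (an <img src> embed of the same file still displays, and script never runs in an <img> context). The sample SVGs, the PNG signature, the route name in the comment and the `vulnerable` switch are constructed for the example and are assumptions, not the project's real handler or the report's actual file.

```go
package main

import (
	"bytes"
	"fmt"
	"mime"
	"net/http"
	"path"
	"regexp"
	"strings"
)

// Constructed sample uploads (assumptions for this example, not the PoC file).
// The crafted SVG wraps the page's payload in an SVG link: opened as a document
// the link is live; embedded via <img> the same file cannot run script.
const craftedSVG = `<?xml version="1.0" encoding="UTF-8"?>
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="120" height="60">
  <a xlink:href="javascript:alert(document.cookie)">
    <rect width="120" height="60" fill="#ccc"/>
    <text x="10" y="35">open me</text>
  </a>
</svg>`

const benignSVG = `<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10"><rect width="10" height="10" fill="blue"/></svg>`

// Eight-byte PNG signature; enough to stand in for a real image here.
var pngBytes = []byte("\x89PNG\r\n\x1a\n")

// Markup that lets an SVG execute script when rendered as a top-level document.
var activePatterns = []*regexp.Regexp{
	regexp.MustCompile(`(?i)<\s*script[\s>/]`),                                  // <script> elements
	regexp.MustCompile(`(?i)\son[a-z]+\s*=`),                                    // onload=, onclick=, ...
	regexp.MustCompile(`(?i)(?:href|xlink:href)\s*=\s*["']?\s*javascript\s*:`), // javascript: links
	regexp.MustCompile(`(?i)<\s*foreignObject`),                                 // embedded HTML
	regexp.MustCompile(`(?i)<\s*(?:iframe|embed|object)[\s>/]`),
}

// isSVG decides by extension and by sniffing the leading bytes: a file named
// picture.png that starts with <svg is still SVG to a browser that sniffs.
func isSVG(filename string, body []byte) bool {
	if strings.EqualFold(path.Ext(filename), ".svg") {
		return true
	}
	head := body
	if len(head) > 1024 {
		head = head[:1024]
	}
	return bytes.Contains(bytes.ToLower(head), []byte("<svg"))
}

// hasActiveContent reports whether the body contains script-bearing SVG markup.
func hasActiveContent(body []byte) bool {
	for _, re := range activePatterns {
		if re.Match(body) {
			return true
		}
	}
	return false
}

// validateUpload is the upload-time check: reject SVGs with active content
// outright rather than trying to sanitise them in place.
func validateUpload(filename string, body []byte) error {
	if isSVG(filename, body) && hasActiveContent(body) {
		return fmt.Errorf("%s: SVG contains script, event handlers or javascript: links", filename)
	}
	return nil
}

// responseHeaders is the serve-time policy for the direct link (/o/r/<id>/<name>
// in the PoC). vulnerable=true models the original behaviour: the file's MIME
// type is echoed and a navigated SVG is rendered as a document.
func responseHeaders(filename string, body []byte, vulnerable bool) http.Header {
	h := http.Header{}
	ctype := mime.TypeByExtension(path.Ext(filename))
	if ctype == "" {
		ctype = http.DetectContentType(body)
	}
	h.Set("Content-Type", ctype)
	if vulnerable {
		return h
	}
	h.Set("X-Content-Type-Options", "nosniff")
	if isSVG(filename, body) {
		h.Set("Content-Type", "image/svg+xml")
		// Navigation downloads instead of rendering; <img src> embeds still display.
		safeName := strings.ReplaceAll(path.Base(filename), `"`, "")
		h.Set("Content-Disposition", `attachment; filename="`+safeName+`"`)
		// Belt and braces: even if rendered, no script, no network, opaque origin.
		h.Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline'; sandbox")
	}
	return h
}

// serveResource wires the policy into an http handler body.
func serveResource(w http.ResponseWriter, filename string, body []byte, vulnerable bool) {
	for k, v := range responseHeaders(filename, body, vulnerable) {
		w.Header()[k] = v
	}
	w.WriteHeader(http.StatusOK)
	_, _ = w.Write(body)
}

func main() {
	uploads := []struct {
		name string
		body []byte
	}{{"crafted.svg", []byte(craftedSVG)}, {"logo.svg", []byte(benignSVG)}, {"photo.png", pngBytes}}
	for _, up := range uploads {
		fmt.Printf("%-12s upload check: %v\n", up.name, validateUpload(up.name, up.body))
		fmt.Printf("%-12s vulnerable:   %v\n", up.name, responseHeaders(up.name, up.body, true))
		fmt.Printf("%-12s hardened:     %v\n", up.name, responseHeaders(up.name, up.body, false))
	}
}
```

The regex check is a denylist and is only a first gate: SVG sanitisers exist precisely because the format has many script-bearing corners, so the header policy on the serving route is the control to rely on. Content-Disposition: attachment is what large file hosts use for user-supplied SVG, and the CSP sandbox directive covers the case where a future route or a proxy drops the disposition header.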

Impact

Because the payload is stored on the server, it runs in the browser of every user who opens the direct link, not only the attacker's. Script executing in a victim's browser on the application's origin can typically compromise that user fully: it can read cookies and local storage (session cookies included, unless they are marked HttpOnly), perform any action the victim is allowed to perform through the application, and present phishing content under the real site's origin. The impact matches that of a reflected XSS, except that the attacker only needs to get the victim to the stored file's link rather than to a per-victim crafted URL. Note that the script fires only when the SVG is opened as a top-level document; an SVG displayed through an <img> tag does not execute script, which is why the proof of concept opens the direct link in a new tab.

Severity

https://cvss.js.org/#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Reference

https://huntr.dev/bounties/7e1be91d-3b13-4300-8af2-9bd9665ec335/

https://nvd.nist.gov/vuln/detail/CVE-2022-4690

https://github.com/usememos/memos