XSS and Open Redirect via SVG Upload in parisneo/lollms-webui

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui 2. Vulnerability Type: CWE-434: Unrestricted Upload of File with Dangerous Type 3. Vulnerability Description: - The lollms-webui application has two vulnerabilities when handling SVG file uploads: Cross-Site Scripting (XSS) and Open Redirect. - The XSS vulnerability allows attackers to embed malicious JavaScript code within an SVG file, leading to sensitive data leakage, application functionality manipulation, or unauthorized operations. - The Open Redirect vulnerability enables attackers to redirect users to malicious websites by uploading a malicious SVG file, increasing the risk of phishing attacks, malware distribution, and reputational damage. 4. Exploitation Steps: - For XSS: Access the application, create a malicious SVG file, upload it, and observe the execution of malicious JavaScript. - For Open Redirect: Access the application, create a malicious SVG file, upload it, and observe users being redirected to a malicious website. 5. Impact: - Data Leakage: Attackers can exploit the XSS vulnerability to steal sensitive user data, manipulate application functions, or perform unauthorized actions on behalf of authenticated users. - User Redirection: The Open Redirect vulnerability allows attackers to redirect users to malicious websites, increasing the risk of phishing, malware distribution, and reputational harm. 6. Vulnerability Status: - Fixed: The vulnerability has been fixed. - Fix Status: Status is “UNPROVEN”, fixed by Saifeddine ALOUI. - Fix Time: Fixed 6 months ago. 7. Vulnerability Rating: - Severity: High (7.3) - Scope: Local, Low - User Interaction: Required - Security: Unchanged - Confidentiality: Low - Integrity: High - Availability: High This information provides a detailed description and remediation status of the vulnerability, aiding in understanding its nature and impact.

Goal Reached Thanks to every supporter — we hit 100%!

XSS and Open Redirect via SVG Upload in parisneo/lollms-webui