Emlog Pro 2.5.19 Stored XSS via SVG Upload in Media Component

Key Information Vulnerability Description Type: Stored XSS Vulnerability Cause: Improper validation and sanitization of SVG files allows attackers to upload SVG files containing malicious JavaScript code. Affected Product Product: Emlog Pro Version: 2.5.19 Component: Media Upload Functionality ( ) Technical Details Issue: The media upload component permits SVG file uploads without proper validation or sanitization. Example: An attacker can create a malicious SVG file embedding JavaScript code, which executes when the file is viewed. Proof of Concept (PoC) Steps: Create and upload an SVG file containing malicious JavaScript code. Result: When the uploaded SVG file’s URL is accessed, the JavaScript code executes in the browser context. Vulnerability Code Analysis Problem Points: 1. Lack of effective validation for SVG files. 2. Absence of sanitization for potentially dangerous SVG elements and attributes. 3. SVG files served with MIME types that allow script execution. 4. No Content Security Policy (CSP) in place to restrict script execution within uploaded media. Impact Consequences: 1. Execution of arbitrary JavaScript code. 2. Theft of sensitive information (e.g., session cookies and authentication tokens). 3. Execution of actions on behalf of the victim. 4. Potential for more severe attacks when combined with other vulnerabilities. Remediation Recommendations Measures: 1. Implement proper validation and sanitization for SVG files. 2. Remove potentially dangerous SVG elements and attributes. 3. Convert SVG files to other image formats (e.g., PNG). 4. Enforce a Content Security Policy (CSP) to prevent inline script execution. 5. Save uploaded SVG files with MIME types that block script execution. Timeline 2025-08-21: Vulnerability discovered. 2025-08-21: Documentation and PoC created. Future Date: Vulnerability reported to vendor. Future Date: CVE assigned.

Goal Reached Thanks to every supporter — we hit 100%!

Emlog Pro 2.5.19 Stored XSS via SVG Upload in Media Component