-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCVE-2023-38306
21 lines (11 loc) · 1.13 KB
/
CVE-2023-38306
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Vulnerability #4: CVE-2023-38306
Description:
An issue was discovered in Webmin 2.021. An XSS Bypass vulnerability was discovered in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is detected. However, by following certain steps, an attacker can bypass these restrictions and inject malicious code.
RISK FACTOR: Critical
Affected Component – Upload functionality.
Procedure for reproducing the issue:
1. Under standard circumstances, attempting to upload files such as .svg, .php, and others would trigger an error message.
2. Within our available resources, we possess a file named "test.svg."
3. In order to work around the existing file upload restrictions, we compress the "test.svg" file into a zip archive and proceed with the upload process.
4. During the upload procedure, we select the option to extract the contents of the uploaded archive by confirming "Yes," and subsequently, we opt to delete the original archive.
5. Upon completion of the aforementioned steps, a popup will become visible.