SVG based Stored XSS

Goal before approaching the program

Approach

Bypassing Filter

  • The application first sent an API POST request containing only the image header. If the header was valid, a second POST request uploaded the actual file. There was no validation on this second POST request.
  • Here we can simply send a valid PNG and, in the second request, replace the PNG contents with the SVG payload.
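
The gap described above, sketched from the server side as an added example (not code from the original post or the affected program). The function names, the PNG-only allowlist and the sample bytes are assumptions made for illustration. Step two is shown as described and then with the content check repeated on the bytes that actually get stored.

```python
import struct
import zlib

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
ALLOWED = {"image/png"}  # assumption: the endpoint is meant to take PNG only


def sniff_type(data: bytes) -> str:
    """Classify by content, never by file name or client-declared type."""
    if data.startswith(PNG_MAGIC) and data[12:16] == b"IHDR":
        return "image/png"
    head = data[:1024].lstrip(b"\xef\xbb\xbf \t\r\n").lower()
    if head.startswith((b"<?xml", b"<svg", b"<!doctype")) or b"<svg" in head:
        return "image/svg+xml"
    return "application/octet-stream"


def precheck(header: bytes) -> bool:
    """Step 1 from the write-up: only the image header is inspected."""
    return sniff_type(header) in ALLOWED


def upload_weak(prechecked: bool, body: bytes) -> bool:
    """Step 2 as described: the body is stored with no validation of its own."""
    return prechecked


def upload_hardened(prechecked: bool, body: bytes) -> bool:
    """Step 2 repeats the content check on the bytes that are actually stored."""
    return prechecked and sniff_type(body) in ALLOWED


def make_png() -> bytes:
    """Constructed PNG signature + IHDR chunk (sample input, not a full image)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    chunk = b"IHDR" + ihdr
    crc = struct.pack(">I", zlib.crc32(chunk))
    return PNG_MAGIC + struct.pack(">I", len(ihdr)) + chunk + crc


# Constructed sample: inert SVG markup standing in for the swapped body.
SVG_BODY = b'<?xml version="1.0"?>\n<svg xmlns="http://www.w3.org/2000/svg"/>'

if __name__ == "__main__":
    ok = precheck(make_png()[:16])  # header-only request passes
    print("weak accepts svg:", upload_weak(ok, SVG_BODY))
    print("hardened accepts svg:", upload_hardened(ok, SVG_BODY))
    print("hardened accepts png:", upload_hardened(ok, make_png()))
```

Serving stored uploads with the sniffed content type and `X-Content-Type-Options: nosniff` keeps the browser from reinterpreting a file that slipped through as markup.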

building and breaking software

Prashant Bhatkal
