Description: A file upload vulnerability in RiteCMS 3.0 allows an authenticated attacker (administrator-level privileges, PR:H in the vector below) to upload an SVG file containing XSS content through the file manager. The script runs whenever the stored file is opened, so this is a stored XSS.
CVSS 3.x vector: AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
We create an SVG file with the following content (the onload handler fires as soon as the browser renders the document):
<svg
onload="alert('xss attack')"
xmlns="http://www.w3.org/2000/svg">
</svg>
After logging into the administration panel, go to the "Filemanager" section of the Administration Menu and click "Upload file".
The SVG file is accepted and listed in the file manager: the upload check does not reject SVG files that carry script content.
Opening the uploaded file directly in the browser renders it as an SVG document, the onload handler runs and the XSS pop-up appears. The script only executes when the SVG is loaded as a document (navigated to directly, or embedded via <object>, <embed> or <iframe>), not when it is referenced from an <img> tag, and it runs in the origin that serves the upload, which is the origin of the admin session.
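As an added example, not part of the original advisory and not RiteCMS code, the following Python shows the check an upload handler should apply before accepting a .svg file: parse it as XML and reject it if it carries any active content (event-handler attributes such as the onload used above, <script> or <foreignObject> elements, <style> imports, or javascript:/data: URIs). It also shows the response headers that stop an uploaded file from rendering inline in the application's origin, which is the more robust fix since the filter is a denylist. The sample SVGs and the function names are constructed for this example.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample inputs. The first is the payload shown in the advisory;
# the others cover other shapes of script-bearing SVG.
MALICIOUS_SVG = (
    '<svg onload="alert(\'xss attack\')" '
    'xmlns="http://www.w3.org/2000/svg"></svg>'
)
BENIGN_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">'
    '<circle cx="5" cy="5" r="4" fill="red"/></svg>'
)
SCRIPT_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><script>alert(1)</script></svg>'
HREF_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg" '
    'xmlns:xlink="http://www.w3.org/1999/xlink">'
    '<a xlink:href="javascript:alert(1)"><text y="10">click</text></a></svg>'
)

# Elements that execute script or embed HTML inside an SVG document.
ACTIVE_ELEMENTS = {"script", "foreignobject"}
# URI schemes that execute or load a document instead of a plain resource.
SCRIPT_SCHEME = re.compile(
    r"^\s*(?:javascript|vbscript)\s*:|^\s*data\s*:\s*(?:text/html|image/svg\+xml)",
    re.I,
)


def _local(name):
    """Strip the {namespace} prefix ElementTree puts on qualified names."""
    return name.rsplit("}", 1)[-1].lower()


def find_active_content(svg_text):
    """Return the reasons an SVG would run script when opened; [] if none found."""
    # The stdlib parser expands internal entities (billion-laughs risk) and is
    # not hardened; in production parse untrusted XML with defusedxml instead.
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    reasons = []
    for elem in root.iter():
        tag = _local(elem.tag)
        if tag in ACTIVE_ELEMENTS:
            reasons.append(f"<{tag}> element")
        if tag == "style" and "@import" in (elem.text or ""):
            reasons.append("<style> with @import")
        for attr, value in elem.attrib.items():
            name = _local(attr)          # handles both href and xlink:href
            if name.startswith("on"):    # onload, onclick, onbegin, ...
                reasons.append(f"{name} event handler on <{tag}>")
            elif SCRIPT_SCHEME.search(value):
                reasons.append(f'{name}="{value[:40]}" on <{tag}>')
    return reasons


def check_upload(filename, data):
    """Upload-time policy: return (accepted, reason). Only .svg is inspected here."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext == "svg":
        reasons = find_active_content(data)
        if reasons:
            return False, "SVG rejected: " + "; ".join(reasons)
    return True, "accepted"


def download_headers(stored_name):
    """Headers for serving any uploaded file: force a download instead of
    rendering it, and apply a CSP so that even an SVG that slips past the
    filter cannot run script in the application's origin."""
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": f'attachment; filename="{stored_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


if __name__ == "__main__":
    for label, sample in [("malicious", MALICIOUS_SVG), ("benign", BENIGN_SVG),
                          ("script", SCRIPT_SVG), ("href", HREF_SVG)]:
        print(label, check_upload("upload.svg", sample))
```

The element and attribute checks are deliberately case-insensitive and namespace-agnostic, because browsers accept `onLoad` and `xlink:href` just as readily as the lowercase, unprefixed forms. Serving uploads from a separate origin (or with the headers above) is what actually removes the stored XSS risk; the content filter only reduces it.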