bug reporting

midhuns480@gmail.com shared this idea 2 years ago
Under Consideration

Hello sir, I am Midhun S.

I found a file upload XSS.

Vulnerable URL: https://features.ispsystem.com/

Vulnerability: File Upload XSS

Severity: High

OWASP rank: (OTG-BUSLOGIC-009)


Below are the steps to reproduce the XSS vulnerability:


Pick any image and name it as “><img src=x onerror=prompt(document.domain)> to make the XSS payload.


(Only for Linux)

“><img src=x onerror=prompt(document.domain)>.jpg

I am adding a video for better understanding; please look at it. Please patch the bug soon.

https://drive.google.com/file/d/143rIZSjlSvWLO0_S0_f_gy9uiFbQarSa/view?usp=sharing

If you have any doubts regarding this, please contact me.

Thank you.
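
The defensive side of this report, as an added example that is not part of the original post and not ISPsystem's code: it assumes the uploaded file's name is echoed into the page's HTML, and contrasts unescaped rendering with output encoding plus upload-time name normalization. The function names, the `/files/1` URL and the extension allowlist are hypothetical.

```javascript
// Added example. All names, the URL and the allowlist are assumptions.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that can close an attribute value or open a tag.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the client-supplied file name is concatenated into markup.
function renderAttachmentUnsafe(name) {
  return '<a href="/files/1" title="' + name + '">' + name + '</a>';
}

// Hardened pattern: identical markup, but the name is encoded at output time.
function renderAttachmentSafe(name) {
  const safe = escapeHtml(name);
  return '<a href="/files/1" title="' + safe + '">' + safe + '</a>';
}

// Defence in depth at upload time: keep only an allowlisted extension and
// reduce the stem to [A-Za-z0-9._-]. Returns null when the upload is rejected.
const ALLOWED_EXT = new Set(['jpg', 'jpeg', 'png', 'gif']);
function normalizeUploadName(name) {
  const base = String(name).normalize('NFKC').split(/[\\\/]/).pop();
  const dot = base.lastIndexOf('.');
  const ext = dot >= 0 ? base.slice(dot + 1).toLowerCase() : '';
  if (!ALLOWED_EXT.has(ext)) return null;
  const stem = base.slice(0, dot)
    .replace(/[^A-Za-z0-9._-]+/g, '_') // collapse markup and spaces
    .replace(/^[._]+/, '')             // no leading dots or underscores
    .slice(0, 64);
  return (stem || 'upload') + '.' + ext;
}

// Constructed sample input: the file name from the report, with a straight quote.
const reportedName = '"><img src=x onerror=prompt(document.domain)>.jpg';

console.log(renderAttachmentUnsafe(reportedName)); // markup is broken open
console.log(renderAttachmentSafe(reportedName));   // name stays inert text
console.log(normalizeUploadName(reportedName));    // stored name has no markup
```

Output encoding is the fix for the rendering path; the normalization step only limits what gets stored and does not replace it.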