You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Website background file submission file hosting server vulnerability
Hazard level: low risk
Coverage: This vulnerability can be invoked by all registered users
Vulnerability details
Personal information - avatar upload - upload any picture capture package:
modify the cropped_b64 parameter to data: image / arbitrary file type; BASE64, file content encoding base64 upload can successfully pass the browser - view the source code to get the file after uploading path
Repair plan
Verify data:image/jpeg in cropped_b64
The text was updated successfully, but these errors were encountered:
Website background file submission file hosting server vulnerability
Hazard level: low risk
Coverage: This vulnerability can be invoked by all registered users
Vulnerability details
Personal information - avatar upload - upload any picture capture package:
modify the cropped_b64 parameter to data: image / arbitrary file type; BASE64, file content encoding base64 upload can successfully pass the browser - view the source code to get the file after uploading path
Repair plan
The text was updated successfully, but these errors were encountered: