Mangati NovoSGA Cross-Site Scripting Vulnerability in SVG File Upload
Vulnerability
A cross-site scripting (XSS) vulnerability has been identified in Mangati NovoSGA versions through 2.2.9. The issue arises in the SVG File Handler component, specifically within an unknown function of the /admin file. The vulnerability allows for the injection of malicious scripts through the logoNavbar and logoLogin parameters, which are then stored on the server and executed automatically when the affected page is accessed by users.
Impact
Exploitation of this vulnerability allows for multiple stored cross-site scripting injections. The injected scripts are executed in the context of the user, potentially leading to session hijacking, credential theft, and other malicious actions such as downloading malware or defacing websites.
Reproduction
To reproduce this vulnerability, upload a crafted SVG file containing a script payload through the logoNavbar or logoLogin parameters on the /admin page. After saving the upload, access the uploaded file via the trigger pages to execute the injected script.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.