LearnHouse Stored Cross-Site Scripting Vulnerability in Account Settings Component
Vulnerability
A stored cross-site scripting vulnerability has been identified in LearnHouse versions prior to commit 98dfad76aad70711a8113f6c1fdabfccf10509ca. The issue arises in the Account Setting Page, specifically within the file '/dash/org/settings/previews'. This vulnerability allows for the execution of arbitrary JavaScript in the browsers of users who view the affected SVG images, potentially leading to session hijacking or credential theft.
Impact
Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the context of the user's browser, with potential consequences including session hijacking, credential theft, or the delivery of phishing payloads.
Reproduction
To reproduce this vulnerability, upload a malicious SVG file containing embedded JavaScript into an affected endpoint, such as the profile picture upload or organization image preview settings. Once uploaded, the SVG can be viewed in a new tab, where the JavaScript will execute, demonstrating the cross-site scripting vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.