UnoPim Stored Cross-Site Scripting Vulnerability in User Creation Endpoint

Vulnerability

A stored cross-site scripting vulnerability has been identified in UnoPim, an open-source Product Information Management system built on Laravel. It affects versions prior to 0.2.1: SVG files containing script can be uploaded and bypass the application's sanitizer, so the script is stored and later rendered. The affected upload is the user creation endpoint within the admin settings.

Impact

Exploitation of this vulnerability allows an attacker to inject scripts that execute in the browser of whoever views the affected page, potentially allowing actions to be performed on behalf of that user (an administrator, in the case of the admin settings page).

Reproduction

To reproduce this vulnerability, upload a file named 'POC.html' through the user creation form in the admin settings. This file should be crafted to include SVG content that exploits the sanitization bypass by including JavaScript payloads, such as one that alerts document cookies or performs actions as the admin user.

Remediation

Users can update to UnoPim version 0.2.1 or later, where this vulnerability has been fixed.
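The root cause described in the Reproduction and Remediation sections is a sanitizer that can be bypassed by SVG content, which is XML and can legitimately carry <script> elements, on* event-handler attributes and javascript: links. The check below is an added example written for this advisory, not UnoPim's own code or its 0.2.1 fix: it classifies an upload by inspecting the bytes rather than trusting the file name or declared type (so a file named POC.html that holds SVG markup is still treated as SVG), and it lists every script-capable construct it finds. Function names, the element and attribute lists, and the constructed sample files are all assumptions made for this example.

```python
"""Content-based check for SVG uploads that carry active content.

Added example, not UnoPim's code. Uses only the Python standard library.
For untrusted input in production, parse with defusedxml instead of
xml.etree to avoid XML entity-expansion attacks (assumption: caller
swaps the parser; the logic below is unchanged).
"""
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
XLINK_NS = "http://www.w3.org/1999/xlink"

# Elements inside an SVG that can run script or embed arbitrary markup
# (list chosen for this example; extend to taste).
ACTIVE_ELEMENTS = {"script", "foreignObject", "set", "animate", "handler"}


def _local(name: str) -> str:
    """Strip the {namespace} prefix ElementTree puts on tag/attribute names."""
    return name.rsplit("}", 1)[-1]


def sniff_is_svg(data: bytes) -> bool:
    """True if the bytes parse as XML whose root element is <svg>.

    Deliberately ignores the file extension: content decides, not the name.
    """
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return False
    return _local(root.tag) == "svg"


def find_active_content(data: bytes) -> list:
    """Return human-readable findings for script-capable constructs.

    An empty list means nothing active was found. A parse error is itself
    reported as a finding so that unparseable input is never treated as safe.
    """
    findings = []
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    for elem in root.iter():  # root.iter() walks the whole tree, root included
        name = _local(elem.tag)
        if name in ACTIVE_ELEMENTS:
            findings.append(f"element <{name}>")
        for attr, value in elem.attrib.items():
            local_attr = _local(attr)
            # onload=, onclick=, ... run script when the image is rendered inline
            if local_attr.lower().startswith("on"):
                findings.append(f"event handler attribute {local_attr} on <{name}>")
            # href / xlink:href with a javascript: scheme runs script on activation
            if local_attr == "href" and value.strip().lower().startswith("javascript:"):
                findings.append(f"javascript: URL in {local_attr} on <{name}>")
    return findings


def is_safe_svg_upload(data: bytes) -> bool:
    """Accept only content that is SVG and contains no active constructs."""
    return sniff_is_svg(data) and not find_active_content(data)


# Constructed sample uploads (not real payloads from the advisory).
BENIGN = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="10"/></svg>'
SCRIPT_ELEMENT = b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* constructed */</script></svg>'
EVENT_HANDLER = b'<svg xmlns="http://www.w3.org/2000/svg" onload="/* constructed */"><rect/></svg>'
JS_HREF = (b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
           b'<a xlink:href="javascript:void(0)"><text>x</text></a></svg>')

if __name__ == "__main__":
    for label, blob in [("benign", BENIGN), ("script", SCRIPT_ELEMENT),
                        ("handler", EVENT_HANDLER), ("jshref", JS_HREF),
                        ("not-xml", b"not xml")]:
        print(label, "svg" if sniff_is_svg(blob) else "not-svg",
              "safe" if is_safe_svg_upload(blob) else "reject",
              find_active_content(blob))
```

A content check like this belongs alongside, not instead of, the upstream fix: the sanitizer is the component the advisory says was bypassed, so updating to 0.2.1 remains the remediation. Serving user-supplied files from a separate origin, or with a Content-Disposition: attachment header and a restrictive Content-Security-Policy, limits the impact of any image that still slips through, because an SVG opened as a download or in a sandboxed context does not run in the admin's session.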

Added: Aug 21, 2025, 4:25 PM
Updated: Aug 21, 2025, 4:25 PM

Vulnerability Rating (Custom Algorithm)

Category        Score
spread          0.8
impact          1.7
exploitability  6.0
remediation     7.7
relevance       0.4
threat          6.4
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.