lwj Flow Unrestricted File Upload Vulnerability in SVG File Handler
Vulnerability
A vulnerability allowing arbitrary file uploads has been identified in lwj Flow versions prior to commit a3d2fe8133db9d3b50fda4f66f68634640344641. The issue arises in the uploadFile function within the FormResource.java file, part of the SVG File Handler component. This vulnerability is due to inadequate validation of file extensions and content types, enabling remote exploitation. The flaw has been publicly disclosed and is actively exploitable.
Impact
Exploitation of this vulnerability allows for unrestricted file uploads, which could lead to the execution of uploaded files or the introduction of malicious files into the application.
Reproduction
To reproduce this vulnerability, send a POST request to the /front/flow/uploadFile/ endpoint with a file attachment. The request must include a valid authorization token and can be made using a web browser or a tool like Postman. The uploaded file can be of any type, as the application does not properly validate file extensions or content types.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.