Bug report! XSS to RCE on the Client side Environment using https://www.vintagestory.at/


Manojkumar J

Hello Folks,

I hope you are all well on your side of the screen. :)

On https://www.vintagestory.at/ there are multiple file upload parts available. As an ethical hacker, I am able to say it was misused.

I have uploaded the proof-of-concept video to my Google Drive, turned on the link, and given the link below. Kindly check it out.

https://drive.google.com/file/d/1rdvQ7X0nG9TEueHnYER3BfkKk39O_aAn/view?usp=sharing

Cheers!
