Origami icon indicating copy to clipboard operation
Origami copied to clipboard

Published 20 hours ago verified publisher icon Cloud-CV

Origami allows user to upload any file as sample image

Open PalashTanejaPro opened this issue 7 years ago • 2 comments

Node version: 8.3.0

npm version: 5.5.1

Operating system: Debian Jesse

Command line used: bash

Steps to reproduce:

  1. Go to any origami demo.
  2. Try uploading text files and python scripts.

BONUS: If you are the admin of an origami demo, you can do the above steps and upload malicious files and can even run JavaScript on the user's browser.

UPDATE: Have written some code to fix this for the time being. Will make a PR in the morning.

PalashTanejaPro avatar Dec 21 '17 19:12 PalashTanejaPro

out

PalashTanejaPro avatar Dec 21 '17 20:12 PalashTanejaPro

@PalashTanejaPro Did you submit a PR for this?

AvaisP avatar Mar 09 '18 14:03 AvaisP