
Improper Input Sanitization leads to Cross-Site Scripting (XSS)

Open l4rm4nd opened this issue 4 months ago • 0 comments

Device Information (please complete the following information):

  • Deployment: Docker
  • SIST2 Version: 3.5.0

Describe the bug

If a file is indexed that has HTML/JS code in its filename, the HTML/JS code will be rendered and executed in the browser once the sist2 frontend is browsed.

Steps To Reproduce

  1. Index an image file with the filename Sun'><img src=x onerror=alert(1)>set.jpg
  2. Browse the sist2 frontend (create it if not available yet)
  3. Experience a JS popup window with 1

Expected behavior

Filenames are properly sanitized and encoded.

Actual Behavior

No sanitization nor encoding. HTML/JS code is rendered and executed.

Screenshots

Image

Recommendation

https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html

l4rm4nd, Aug 26 '25 09:08
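The fix the reporter points to (output encoding per the linked OWASP cheat sheet) is illustrated below with an added example. This is not sist2's own code; it is a minimal JavaScript demonstration of the vulnerable pattern (interpolating a raw filename into markup) beside the hardened pattern (encoding every untrusted value at the point it enters HTML). The sample filename is the one from the report above, and the `renderFileRow*` helpers and `containsForeignTag` check are assumptions made for this example.

```javascript
// Added example (not sist2 code): encode untrusted filenames before they are
// placed into HTML, as recommended by the OWASP XSS Prevention Cheat Sheet.

// Characters that are significant in HTML text and attribute contexts.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#x27;',
};

// Escape a string so the browser treats it as literal text, never as markup.
// Safe for element content and for double- or single-quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Sample input taken from the issue: a filename carrying markup.
const SAMPLE_FILENAME = "Sun'><img src=x onerror=alert(1)>set.jpg";

// Vulnerable pattern (hypothetical helper): the raw filename lands in both an
// attribute and the element body, so its quote and angle brackets break out.
function renderFileRowUnsafe(filename) {
  return `<li title='${filename}'>${filename}</li>`;
}

// Hardened pattern (hypothetical helper): the same template, but the value is
// encoded once and reused; the browser shows the name verbatim.
function renderFileRowSafe(filename) {
  const encoded = escapeHtml(filename);
  return `<li title='${encoded}'>${encoded}</li>`;
}

// Check used below: does the markup contain any element other than the <li>
// wrapper we intentionally emit? True means the filename injected a tag.
function containsForeignTag(html) {
  return /<(?!\/?li\b)[a-zA-Z]/.test(html);
}

// Stand-alone run: show both renderings side by side.
console.log('unsafe:', renderFileRowUnsafe(SAMPLE_FILENAME));
console.log('safe:  ', renderFileRowSafe(SAMPLE_FILENAME));
console.log('foreign tag in unsafe:', containsForeignTag(renderFileRowUnsafe(SAMPLE_FILENAME)));
console.log('foreign tag in safe:  ', containsForeignTag(renderFileRowSafe(SAMPLE_FILENAME)));
```

In a component framework, plain text interpolation already performs this encoding; the exposure comes from raw-HTML directives (such as Vue's `v-html`) or from building markup with string concatenation as in the unsafe helper. Encoding should happen at render time, not at index time, so the stored filename stays faithful to what is on disk.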