CVE-2022-3137 – TaskBuilder < 1.0.8 - Subscriber+ Stored XSS via SVG file upload

https://notcve.org/view.php?id=CVE-2022-3137

The Taskbuilder WordPress plugin before 1.0.8 does not validate and sanitise task's attachments, which could allow any authenticated user (such as subscriber) creating a task to perform Stored Cross-Site Scripting by attaching a malicious SVG file El plugin Taskbuilder de WordPress versiones anteriores a 1.0.8, no comprueba ni sanea los archivos adjuntos de las tareas, lo que podría permitir a cualquier usuario autenticado (como un suscriptor) que cree una tarea llevar a cabo ataques de tipo Cross-Site Scripting Almacenado al adjuntar un archivo SVG malicioso The Taskbuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts into SVG files that are uploaded as part of the task creation process and that will execute whenever a user accesses an injected page or access such an SVG file directly. • https://wpscan.com/vulnerability/524928d6-d4e9-4a2f-b410-46958da549d8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •