Image upload xss

Also, i stumble across an old blog post by rsnake where it was possible to execute XSS on an upload function.

http://ha.ckers.org/blog/20070603/image-upload-xss/

http://pstgroup.blogspot.com/2007/06/tipsimage-upload-xss.html

an example of something you might test for:



So you upload this file:

http://ha.ckers.org/image-xss/"onerror="alert('XSS')"a=".jpg

This ends up making the page look like:



The Hacka Man