When uploading a logo or favicon, the filename is attacker-controlled: the key field of the upload request is used directly as the name of the stored file, and that field can be modified before the request reaches the server.
Proof of Concept:
- go to http://localhost/settings/admin/theming
- upload a logo or favicon
- intercept the upload request with Burp Suite
- modify the key field; the server stores the uploaded file under the modified value as its filename
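The following is an added illustration, not code from the report or from the application it describes. It models the pattern the steps above exploit (the key form field used verbatim as a filename) next to a hardened handler that accepts only a fixed set of key names. The upload directory, the allowlist of two keys, the placeholder image bytes and the traversal value used as the tampered key are all assumptions made for the example; the real endpoint and field layout are not shown on this page.

```python
"""Attacker-controlled ``key`` used as a filename, and the allowlist fix.

Hypothetical handler logic written for illustration; it is not the
application's own code and assumes the upload is stored as
``<upload_dir>/<key>``.
"""
import os
import tempfile

# Assumption: only the two keys the report mentions are legitimate.
ALLOWED_KEYS = frozenset({"logo", "favicon"})


def vulnerable_target_path(upload_dir: str, key: str) -> str:
    """The pattern the report describes: ``key`` becomes the filename as-is,
    so a tampered value chooses the name, extension and even the directory."""
    return os.path.normpath(os.path.join(upload_dir, key))


def safe_target_path(upload_dir: str, key: str) -> str:
    """Hardened form: ``key`` must be one of a fixed set of names, so the
    resulting path is always a known file directly under ``upload_dir``."""
    if key not in ALLOWED_KEYS:
        raise ValueError(f"unknown theming key: {key!r}")
    return os.path.join(upload_dir, key)


def escapes_dir(upload_dir: str, path: str) -> bool:
    """True if ``path`` resolves outside ``upload_dir`` (path traversal)."""
    root = os.path.realpath(upload_dir)
    return os.path.commonpath([root, os.path.realpath(path)]) != root


def store_upload(upload_dir: str, key: str, data: bytes, hardened: bool) -> str:
    """Write ``data`` to the path derived from ``key`` and return that path."""
    if hardened:
        target = safe_target_path(upload_dir, key)
    else:
        target = vulnerable_target_path(upload_dir, key)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    with open(target, "wb") as fh:
        fh.write(data)
    return target


def demo() -> dict:
    """Constructed scenario: an intercepted upload whose ``key`` is changed
    from ``logo`` to a value that picks its own name and directory."""
    base = tempfile.mkdtemp()
    upload_dir = os.path.join(base, "theming")
    os.makedirs(upload_dir)
    image = b"\x89PNG\r\n\x1a\n"  # constructed placeholder image bytes
    results = {}

    # Untampered request: key=logo lands inside the theming directory.
    path = store_upload(upload_dir, "logo", image, hardened=False)
    results["legit_escapes"] = escapes_dir(upload_dir, path)

    # Tampered request (assumed value): the attacker names the file and
    # walks out of the theming directory.
    tampered_key = "../evil.php"
    path = store_upload(upload_dir, tampered_key, image, hardened=False)
    results["vuln_escapes"] = escapes_dir(upload_dir, path)
    results["vuln_basename"] = os.path.basename(path)

    # The same tampered request against the allowlisted handler is rejected
    # before anything is written.
    try:
        store_upload(upload_dir, tampered_key, image, hardened=True)
        results["hardened_rejected"] = False
    except ValueError:
        results["hardened_rejected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The allowlist is the right fix here rather than sanitising the string: the set of valid keys is tiny and known in advance, so anything outside it is simply an error, and no filename is ever derived from user input.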