FlatPress 1.0.2 - Cross-site Scripting

Overview

Cross-site Scripting (XSS) vulnerabilities exist in FlatPress version 1.0.2. FlatPress is a blogging engine that saves posts as simple text files.

Vulnerability Details

Affected Versions: 1.0.2 and earlier

Root Cause: Insufficient input validation in the content parameter allows XSS attacks.

Technical Details

POST /?x=entry:entry131123-000300 HTTP/1.1

content=</textarea><script>alert(9)</script>
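
An added example, not FlatPress source code and not the project's patch: it contrasts echoing the content value raw with HTML-encoding it at output time, then parses both results to check whether the payload above becomes a script element. It assumes the submitted value is written back inside a textarea element, as the payload's leading </textarea> suggests; the function names are hypothetical.

```php
<?php
// Added illustration: hypothetical edit-form renderers, not FlatPress code.

// Vulnerable pattern: the stored value is written into the page as-is.
function render_editor_unsafe(string $content): string
{
    return '<textarea name="content">' . $content . '</textarea>';
}

// Hardened pattern: encode for the HTML text context at output time.
function render_editor_safe(string $content): string
{
    $encoded = htmlspecialchars($content, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<textarea name="content">' . $encoded . '</textarea>';
}

// Parse the rendered HTML and report what the submitted value turned into.
function inspect_markup(string $html): array
{
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true); // stray end tags raise warnings
    $doc->loadHTML('<!DOCTYPE html><html><body>' . $html . '</body></html>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    $textarea = $doc->getElementsByTagName('textarea')->item(0);
    return [
        // Any script element here means the value escaped its container.
        'script_elements' => $doc->getElementsByTagName('script')->length,
        // With correct encoding the textarea holds the value byte for byte.
        'textarea_value'  => $textarea !== null ? $textarea->textContent : null,
    ];
}

// The content value from the request shown in Technical Details.
$payload = '</textarea><script>alert(9)</script>';

$renderers = ['unsafe' => 'render_editor_unsafe', 'safe' => 'render_editor_safe'];
foreach ($renderers as $label => $render) {
    $result = inspect_markup($render($payload));
    printf(
        "%-6s script elements: %d, value preserved: %s\n",
        $label,
        $result['script_elements'],
        $result['textarea_value'] === $payload ? 'yes' : 'no'
    );
}
```

The same parse-and-count check can serve as a regression test for any template that echoes user-supplied content.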

Exploitation Requirements

  • Authentication may be required
  • Victim must view the malicious content

Impact

Remote attackers can exploit these vulnerabilities to:

  • Steal user session cookies
  • Perform actions on behalf of users
  • Persistently inject malicious content

Solution

Update to a patched version. See GitHub Issue #14.

References