FlatPress 1.0.2 - Cross-site Scripting

Advisory ID: RO-14-011
Severity: Critical
Vendor: FlatPress
Product: FlatPress
Version: 1.0.2

Overview

Cross-site Scripting (XSS) vulnerabilities exist in FlatPress version 1.0.2. FlatPress is a blogging engine that saves posts as simple text files.

Vulnerability Details

Affected Versions: 1.0.2 and earlier
Root Cause: Insufficient input validation in the content parameter allows XSS attacks.

Technical Details

    POST /?x=entry:entry131123-000300 HTTP/1.1
    content=

Exploitation Requirements

- Authentication may be required
- Victim must view the malicious content

Impact

Remote attackers can exploit these vulnerabilities to:

- Steal user session cookies
- Perform actions on behalf of users
- Persistently inject malicious content

Solution

Update to a patched version. See GitHub Issue #14.

References

- Invicti Advisory NS-14-015

Timeline:

- [2014-03-04] - First Contact
- [2014-03-05] - Vendor Fixed
- [2014-04-08] - Advisory Released

Credits: Omar Kurt
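
Because the advisory lists persistent injection as an impact and FlatPress keeps content in text files, content stored before the update can be reviewed for script-capable markup. The following triage scan is an added example, not FlatPress code and not part of the advisory; the `*.txt` pattern, the directory passed to `scan_tree`, and the sample strings are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from pathlib import Path

ACTIVE_TAGS = {"script", "iframe", "object", "embed", "base"}
URL_ATTRS = {"href", "src", "action", "formaction", "data"}


class ActiveMarkupFinder(HTMLParser):
    """Records (line, description) for markup a browser would execute."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        if tag in ACTIVE_TAGS:
            self.findings.append((line, f"<{tag}> element"))
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append((line, f"event handler '{name}'"))
            elif name in URL_ATTRS and value:
                # Browsers drop whitespace and control characters in a scheme.
                compact = "".join(ch for ch in value if ch > " ").lower()
                if compact.startswith("javascript:"):
                    self.findings.append((line, f"javascript: URL in '{name}'"))


def scan_text(text):
    """Return findings for one stored entry or comment body."""
    finder = ActiveMarkupFinder()
    finder.feed(text)
    finder.close()
    return finder.findings


def scan_tree(root, pattern="*.txt"):
    """Scan every matching file under root (assumed layout); path -> findings."""
    report = {}
    for path in sorted(Path(root).rglob(pattern)):
        hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path)] = hits
    return report


# Constructed sample bodies (not taken from the advisory).
SAMPLE_CLEAN = "Escaped markup is inert: &lt;script&gt;x&lt;/script&gt;\n"
SAMPLE_DIRTY = ('intro line\n<script>/* constructed */</script>\n'
                '<a href="JavaScript:void(0)" onclick="return false">x</a>\n')
```

Hits are leads for manual review, since an entry may contain markup its author intended.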