CVE-2024-4023

Опубликовано: 20 мар. 2025

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

A stored cross-site scripting (XSS) vulnerability exists in flatpressblog/flatpress version 1.3. When a user uploads a file with a .xsig extension and directly accesses this file, the server responds with a Content-type of application/octet-stream, leading to the file being processed as an HTML file. This allows an attacker to execute arbitrary JavaScript code, which can be used to steal user cookies, perform HTTP requests, and access content of the same origin.

Ссылки

https://github.com/flatpressblog/flatpress/commit/3c9cc69364a45fd3f92d4bd606344b5dd1205d6a
Patch
https://huntr.com/bounties/ed803c13-0858-4c22-93ba-bf2384ab1e9d
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:flatpress:flatpress:1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00204

Низкий

8.1 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-4023

CVSS3: 8.1

debian

11 месяцев назад

A stored cross-site scripting (XSS) vulnerability exists in flatpressb ...

GHSA-qv9p-39px-hfwc

CVSS3: 8.1

github

11 месяцев назад

A stored cross-site scripting (XSS) vulnerability exists in flatpressblog/flatpress version 1.3. When a user uploads a file with a `.xsig` extension and directly accesses this file, the server responds with a Content-type of application/octet-stream, leading to the file being processed as an HTML file. This allows an attacker to execute arbitrary JavaScript code, which can be used to steal user cookies, perform HTTP requests, and access content of the same origin.

EPSS

Процентиль: 42%

0.00204

Низкий

8.1 High

CVSS3

Дефекты

CWE-79