WiFi File Transfer Cross-Site Scripting Vulnerability

Vulnerability

A persistent cross-site scripting vulnerability has been identified in WiFi File Transfer version 1.0.8. It allows remote attackers to inject malicious scripts into file and folder names. The injected script executes when a user previews an affected file path, potentially leading to hijacking of that user's browser session.

Impact

Exploitation of this vulnerability allows for session hijacking and the execution of injected scripts in the context of the user's browser.

Reproduction

The vulnerability can be reproduced by installing WiFi File Transfer version 1.0.8 on an Android device. Once the application is running and the WiFi web server is active, an attacker can access the web interface through a browser. By injecting a script payload into a file or folder name and saving it, the attacker causes the injected script to execute when the path is previewed.

Remediation

To address this vulnerability, input validation should be improved by restricting file and folder names to disallow special characters. Additionally, the application should sanitize and encode the content of the data_file parameter before processing, and filter output paths to prevent script execution.
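The two controls named above, shown together as an added example (not code from the application or its vendor): an allowlist check for a name submitted in data_file, and context-aware encoding when a stored name is written into the listing page. The allowlist policy, the function names and the /files route prefix are assumptions made for illustration.

```python
import html
import re
from urllib.parse import quote

# Assumed allowlist policy: the advisory only says "disallow special
# characters". Names must start with a letter or digit, which also rejects
# "." and "..", and may then contain letters, digits, space, dot,
# underscore and hyphen.
_SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9 ._-]{0,254}")


def is_valid_name(name: str) -> bool:
    """Input control: accept a submitted file or folder name (for example
    the value of data_file) only if every character is allowlisted."""
    return _SAFE_NAME.fullmatch(name) is not None


def render_entry(parent: str, name: str) -> str:
    """Output control: build one row of the file listing.

    Names created before validation existed, or copied to the device by
    other means, may still contain markup, so every name is encoded for the
    context it lands in: percent-encoding inside the URL, HTML entity
    encoding for the attribute value and for the visible text.
    """
    path = parent.rstrip("/") + "/" + name
    href = "/files" + quote(path, safe="/")  # "/files" is a hypothetical route
    return '<li><a href="{}">{}</a></li>'.format(
        html.escape(href, quote=True),
        html.escape(name, quote=True),
    )


if __name__ == "__main__":
    # Constructed sample names: one ordinary, one containing markup.
    for sample in ("Holiday photos 2024", "<img src=x onerror=alert(1)>.jpg"):
        print(is_valid_name(sample), render_entry("/sdcard", sample))
```

Validation alone does not cover names that already exist on storage, so the encoding in render_entry has to be applied to every path the web interface outputs.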

Added: Feb 1, 2026, 1:33 PM
Updated: Feb 1, 2026, 1:33 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.0
exploitability: 6.0
remediation: 0.0
relevance: 2.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.