Zenphoto Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in Zenphoto version 1.6. This vulnerability allows authenticated attackers to inject malicious scripts by adding HTML content, including iframe or script tags, into album descriptions. The injected scripts are executed when users view the album page.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the album.

Reproduction

To reproduce this vulnerability, create a new album and enter a description that includes an iframe or script tag. Once the album is saved, the injected content will execute when the album page is viewed. Alternatively, the vulnerability can be reproduced by injecting a script into the postal code field of a user account, which will trigger an XSS when the information is imported as HTML.