cdevroe unmark Cross-Site Scripting Vulnerability in Marks Controller

A stored cross-site scripting vulnerability has been identified in cdevroe unmark versions through 1.9.3. The issue arises in the Marks controller, specifically within the application/controllers/Marks.php file. The vulnerability is triggered by manipulating the 'title' argument, which is processed without proper HTML escaping, allowing malicious JavaScript to be injected and executed in the context of the user viewing the bookmark.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected JavaScript is executed in the browser of users who view the affected bookmark.

Reproduction

To reproduce this vulnerability, upload an SVG file containing malicious JavaScript in the title, such as an alert script. Then, use the 'Add Bookmark' feature to submit a URL pointing to this SVG file. The application will retrieve the title without filtering, store it in the database, and execute the script when the bookmark is viewed.