SimpleMachines SMF Stored Cross-Site Scripting Vulnerability in ManageAttachments.php

A stored cross-site scripting vulnerability has been identified in SimpleMachines Forum (SMF) version 2.1.4. The issue arises in the 'ManageAttachments.php' file, specifically within the 'notice' parameter. This vulnerability allows attackers to inject malicious scripts that are executed when other users view the affected web pages. Although the vendor does not consider this a security vulnerability due to authentication requirements for accessing file modification features, the existence of the vulnerability has been publicly disclosed and is available for exploitation.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the affected content.

Reproduction

To reproduce this vulnerability, a user must create a new post and upload an attachment. Once the attachment is uploaded, the attacker can delete the attachment by age or size and inject a script payload into the 'notice' parameter of the 'ManageAttachments.php' page. After the payload is injected, it will be executed when the post is viewed by a victim.