Solon Directory Traversal Vulnerability Allowing XSS Attacks
Vulnerability
A directory traversal vulnerability has been identified in Solon version 3.1.2, specifically within the solon-faas-luffy component. This vulnerability allows remote attackers to conduct cross-site scripting (XSS) attacks by exploiting the way the application processes file paths. Attackers can manipulate directory traversal sequences to load and execute malicious JavaScript files from arbitrary locations on the server.
Impact
Exploitation of this vulnerability could lead to cross-site scripting (XSS) attacks, allowing attackers to inject and execute malicious scripts in the context of the user's browser.
Reproduction
To reproduce this vulnerability, deploy a Solon application using version 3.1.2 and configure it to use the solon-faas-luffy component. Once the application is running, send an HTTP GET request that includes a directory traversal sequence (such as '../') so that the component loads and executes a JavaScript file placed outside the intended script location, for example in '/tmp/'. The injected script could, for example, execute a command using the Java Runtime.
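A path-containment check of the kind that closes this class of traversal, shown here as an added example and not as Solon's own code; the class name, the method name and the script root directory are assumptions, and the sample inputs are constructed:

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;

// Added example (not Solon's code): reject script paths that escape the allowed root.
public class ScriptPathGuard {
    // Hypothetical directory from which the application is allowed to load scripts.
    private static final Path SCRIPT_ROOT =
            Paths.get("/opt/app/scripts").toAbsolutePath().normalize();

    /**
     * Resolves a client-supplied script name against SCRIPT_ROOT and refuses
     * anything that ends up outside it. Returns the resolved path, or null
     * when the request must be rejected.
     */
    public static Path resolveScript(String requested) {
        if (requested == null || requested.isEmpty()) {
            return null;
        }
        // Resolve first, then normalize so "." and ".." segments are collapsed
        // before the containment check. An absolute input such as "/tmp/x.js"
        // resolves to itself and therefore also fails the check below.
        Path candidate = SCRIPT_ROOT.resolve(requested).normalize();
        if (!candidate.startsWith(SCRIPT_ROOT)) {
            return null;
        }
        // Only the expected file type is loadable from this endpoint.
        Path name = candidate.getFileName();
        if (name == null || !name.toString().endsWith(".js")) {
            return null;
        }
        // Note: normalize() does not follow symlinks; if the files must exist,
        // candidate.toRealPath() can be compared against SCRIPT_ROOT as well.
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: two legitimate names followed by traversal
        // and absolute-path attempts like the ones described in the advisory.
        List<String> samples = List.of(
                "handler.js",
                "lib/util.js",
                "../../../tmp/evil.js",
                "/tmp/evil.js",
                "a/../../etc/passwd");
        for (String s : samples) {
            Path p = resolveScript(s);
            System.out.println(s + " -> " + (p == null ? "REJECTED" : p));
        }
    }
}
```

The first two inputs resolve inside the root and are returned; the remaining three are rejected because the normalized path no longer starts with the root or does not end in ".js".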
