OpenList Frontend Stored Cross-Site Scripting Vulnerability
Vulnerability
A stored cross-site scripting vulnerability has been identified in OpenList Frontend versions prior to 4.0.0-rc.4. The issue arises in the file preview feature: in certain modes, the contents of a .py file are rendered as HTML, so JavaScript placed inside <script> tags in the file is executed. This allows arbitrary JavaScript to run in the context of the user viewing the file.
Impact
Exploitation of this vulnerability allows for stored cross-site scripting, where injected JavaScript is executed in the context of the user.
Reproduction
To reproduce this vulnerability, upload a .py file containing JavaScript code wrapped in <script> tags. When the file is viewed in browsing mode, the JavaScript will be executed in the user's browser. This vulnerability can be exploited without any special permissions, although files uploaded by users with elevated permissions may cross privilege boundaries.
Remediation
Users can update to OpenList Frontend version 4.0.0-rc.4 or later, where this vulnerability has been fixed.
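For operators reviewing their own preview code, the following added example (not OpenList's code and not the actual patch, which this page does not show) contrasts a preview that hands file content to the browser as markup with one that escapes it as text. All function names and the sample file are constructed for illustration.

```javascript
// Added example: hypothetical preview helpers, not OpenList's implementation.

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Escape every character that can open a tag, an attribute value or an entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// The file name is attacker-controlled too, so only a strictly alphanumeric
// extension is allowed to reach the class attribute.
function safeLanguageClass(filename) {
  const dot = filename.lastIndexOf(".");
  const ext = dot === -1 ? "" : filename.slice(dot + 1).toLowerCase();
  return /^[a-z0-9]+$/.test(ext) ? ext : "plain";
}

// Weak form: the file content becomes markup in the viewer's page, so a
// <script> element stored in the file runs when the preview is opened.
function renderPreviewUnsafe(filename, content) {
  return `<div class="preview">${content}</div>`;
}

// Hardened form: source files are always emitted as escaped text inside
// <pre><code>, so the browser displays the tags instead of executing them.
function renderPreviewSafe(filename, content) {
  const lang = safeLanguageClass(filename);
  return `<pre><code class="language-${lang}">${escapeHtml(content)}</code></pre>`;
}

// Constructed sample: a .py file with a script element appended.
const SAMPLE_PY = 'print("hi")\n<script>alert(1)</script>\n';

console.log(renderPreviewUnsafe("demo.py", SAMPLE_PY));
console.log(renderPreviewSafe("demo.py", SAMPLE_PY));
```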
