Copyparty DOM-Based Cross-Site Scripting Vulnerability

Vulnerability

A DOM-based cross-site scripting vulnerability has been identified in Copyparty, a portable file server, in versions up to and including 1.18.4. The issue arises from improper sanitization of multimedia metadata tags (such as the artist name) in music files and in M3U playlists before they are rendered in the web interface, allowing an unauthenticated attacker to execute arbitrary JavaScript in a victim's browser. This vulnerability can be exploited by uploading a malicious audio file or by tricking a user into clicking a link to an external M3U file that contains harmful JavaScript.

Impact

Exploitation of this vulnerability allows for arbitrary JavaScript execution in the context of the victim's browser.

Reproduction

To reproduce this vulnerability, upload a music file with a crafted artist name that includes JavaScript code, such as an image tag with an 'onerror' event. Alternatively, host an M3U file with similar JavaScript payloads on an attacker-controlled server and share a link that loads this file, executing the embedded JavaScript in the process.

Remediation

Users should update to Copyparty version 1.18.5, which addresses this vulnerability by properly sanitizing multimedia metadata before it is rendered in the web application.
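The following is an added example, not Copyparty's own code, that illustrates the class of bug described in the Reproduction and Remediation sections: an M3U playlist is parsed, and the display titles it carries (which are attacker-controlled text) are rendered once by raw string interpolation and once with HTML escaping plus a URL scheme check. The parser, the function names and the sample playlist are assumptions constructed for this example; only the second renderer is safe to use.

```javascript
// Added example (not Copyparty's code): parse an M3U playlist and render its
// entries so that metadata is treated as text, never as HTML.

// Encode the five characters that can change HTML structure or break out of
// a quoted attribute.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Parse extended M3U text into { duration, title, url } entries.
// Titles come from "#EXTINF:<seconds>,<display title>" and are untrusted.
function parseM3U(text) {
  const entries = [];
  let pending = null;
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.trim();
    if (line === '') continue;
    if (line.startsWith('#EXTINF:')) {
      const body = line.slice('#EXTINF:'.length);
      const comma = body.indexOf(',');
      const duration = Number(comma === -1 ? body : body.slice(0, comma));
      const title = comma === -1 ? '' : body.slice(comma + 1).trim();
      pending = { duration: Number.isFinite(duration) ? duration : -1, title };
    } else if (line.startsWith('#')) {
      continue; // "#EXTM3U" header or a directive we do not interpret
    } else {
      entries.push({
        duration: pending ? pending.duration : -1,
        title: pending && pending.title !== '' ? pending.title : line,
        url: line,
      });
      pending = null;
    }
  }
  return entries;
}

// Only http(s) URLs become links; anything else is shown as plain text.
function isSafeUrl(url) {
  try {
    const u = new URL(url);
    return u.protocol === 'http:' || u.protocol === 'https:';
  } catch (e) {
    return false;
  }
}

// Vulnerable pattern: untrusted fields interpolated straight into markup that
// will be assigned to innerHTML. This is the shape of the bug described above.
function renderPlaylistUnsafe(entries) {
  return entries.map((e) => `<li><a href="${e.url}">${e.title}</a></li>`).join('');
}

// Hardened pattern: every untrusted field is escaped and the URL scheme is
// checked before it is used in an href.
function renderPlaylistSafe(entries) {
  return entries
    .map((e) => {
      const title = escapeHtml(e.title);
      if (!isSafeUrl(e.url)) return `<li>${title}</li>`;
      return `<li><a href="${escapeHtml(e.url)}">${title}</a></li>`;
    })
    .join('');
}

// Constructed sample playlist; the second title carries markup to show that
// the safe renderer keeps it inert.
const SAMPLE_M3U = [
  '#EXTM3U',
  '#EXTINF:213,Some Artist - Some Title',
  'https://example.invalid/track1.mp3',
  '#EXTINF:187,Name <b>with markup</b> - Other',
  'https://example.invalid/track2.mp3',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  const entries = parseM3U(SAMPLE_M3U);
  console.log('unsafe:', renderPlaylistUnsafe(entries));
  console.log('safe:  ', renderPlaylistSafe(entries));
}
```

In a browser the safest variant is to skip HTML strings entirely and build elements with `document.createElement` and `textContent`; the escaping function above is the fallback for code paths that must produce markup.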

Added: Jul 28, 2025, 8:20 PM
Updated: Jul 28, 2025, 8:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 1.7
exploitability: 7.4
remediation: 7.7
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.