danpros Htmly Reflected Cross-Site Scripting Vulnerability
Vulnerability
A reflected cross-site scripting vulnerability has been identified in danpros Htmly version 3.0.8. This issue occurs in the /author/:name endpoint, where the name parameter is not adequately sanitized before being displayed in the HTML response. This lack of proper validation allows attackers to inject arbitrary JavaScript payloads. When a user clicks on a crafted URL containing the malicious payload, the injected script executes in the context of the user's browser, potentially leading to session hijacking, information disclosure, or unauthorized actions performed on behalf of the user.
Impact
Exploitation of this vulnerability allows for cross-site scripting, which could result in session hijacking, credential theft through stolen cookies or localStorage, phishing attacks, or execution of actions in the context of the victim.
Reproduction
To reproduce this vulnerability, an attacker can craft a URL that includes a malicious JavaScript payload in the name parameter of the /author/:name endpoint. Once the URL is created, the attacker must lure a victim into clicking it. When the victim opens the URL, the injected script will be reflected in the HTML response and executed in their browser.
Remediation
Users are advised to upgrade to Htmly version 3.0.9, which addresses this vulnerability.
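For triage on instances that ran 3.0.8, the following added example (not part of the original advisory and not Htmly code) scans web server access logs for /author/:name requests whose name segment decodes to HTML metacharacters. The combined log format, the function names and the sample lines are assumptions made for the example.

```python
import re
from urllib.parse import unquote

# Request line inside a combined-format access log entry (format is an assumption).
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')
# Path shape named in the advisory: /author/:name
AUTHOR_RE = re.compile(r'^/author/([^/?#]*)')
# Characters that can change HTML structure if echoed without output encoding.
HTML_META = set('<>"\'`')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly (conservative: also normalises double encoding)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_author_requests(log_lines):
    """Return (line_number, decoded_name) for /author/ hits carrying HTML metacharacters."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        request = REQUEST_RE.search(line)
        if not request:
            continue
        author = AUTHOR_RE.match(request.group(1))
        if not author:
            continue
        name = fully_decode(author.group(1))
        if HTML_META & set(name):
            hits.append((number, name))
    return hits


# Constructed sample lines (not real traffic); MARKER is inert text.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2025:10:00:00 +0000] "GET /author/admin HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Jan/2025:10:00:07 +0000] "GET /author/%3Cb%3EMARKER%3C%2Fb%3E HTTP/1.1" 200 5200 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /author/%253Ci%253EMARKER HTTP/1.1" 200 5200 "-" "Mozilla/5.0"',
    '198.51.100.2 - - [01/Jan/2025:10:01:00 +0000] "GET /post/hello-world HTTP/1.1" 200 8000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for number, name in suspicious_author_requests(SAMPLE_LOG):
        print(f"line {number}: author name decodes to {name!r}")
```

Hits are leads for review rather than proof of exploitation; a legitimate author name containing an apostrophe would also match.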
