lcg0124 BootDo Cross-Site Scripting Vulnerability in ContentController

A cross-site scripting (XSS) vulnerability has been identified in lcg0124 BootDo versions prior to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. The issue resides in the ContentController's Save function, specifically within the /blog/bContent/save route. The vulnerability arises from the lack of proper XSS filtering on user-supplied input, including the content, author, and title parameters, allowing for the injection of malicious scripts. This vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser. This could lead to session hijacking, unauthorized access to user accounts, theft of sensitive data, defacement of web pages, and a broader compromise of the website's integrity.

Reproduction

To reproduce this vulnerability, send a request to the /blog/bContent/save endpoint with the content, author, and title parameters manipulated to include scripts or other HTML elements. The absence of XSS filtering will allow these elements to be executed as scripts in the user's browser.

Remediation

It is recommended to encode output data to treat user-generated content as plain text, implement input validation and filtering, use a Content Security Policy to restrict script execution sources, and conduct regular security audits to identify and address vulnerabilities.