Bludit
cpe:2.3:a:bludit:bludit:*:*:*:*:*:*:*
- <= 3.16.2
A stored cross-site scripting vulnerability has been identified in Bludit version 3.16.2. This issue arises in the post content feature, where the application only applies client-side sanitization of input but fails to implement equivalent sanitization on the server side. As a result, an authenticated user can inject arbitrary JavaScript into the content field of a post. This injected script is stored and later rendered to other users without proper output encoding. When the content is viewed, the script executes in the context of the victim's browser, potentially leading to session hijacking, credential theft, content manipulation, or other actions within the user's privileges.
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the post.
To reproduce this vulnerability, log into Bludit and navigate to the 'New Content' section. After entering a title, insert a script payload into the content box. Although the front-end will sanitize the input, the script will be executed once the content is saved and viewed, demonstrating the stored XSS vulnerability.
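One way to close the gap described above, shown as an added example that is not Bludit's own code: an allowlist sanitizer run on the server when the post is saved, so stored content no longer depends on client-side checks. The function names, the tag and attribute allowlists, and the sample input are assumptions constructed for illustration.

```php
<?php
// Added example, not Bludit code. Allowlists and function names are assumptions.
const ALLOWED_TAGS  = ['p', 'br', 'b', 'i', 'em', 'strong', 'ul', 'ol', 'li', 'a', 'h2', 'h3', 'pre', 'code'];
const ALLOWED_ATTRS = ['a' => ['href', 'title']];
const SAFE_HREF     = '~^(?:https?://|mailto:|/|#)~i';

function cleanChildren(DOMNode $parent): void
{
    // Snapshot the child list because the loop mutates the tree.
    foreach (iterator_to_array($parent->childNodes) as $child) {
        if ($child->nodeType === XML_TEXT_NODE) {
            continue;                               // plain text is escaped again on output
        }
        $tag = $child instanceof DOMElement ? strtolower($child->tagName) : '';
        if (!in_array($tag, ALLOWED_TAGS, true)) {
            $parent->removeChild($child);           // script, iframe, svg, comments, unknown tags
            continue;
        }
        foreach (iterator_to_array($child->attributes) as $attr) {
            $name = strtolower($attr->name);
            $bad  = !in_array($name, ALLOWED_ATTRS[$tag] ?? [], true)
                 || ($name === 'href' && !preg_match(SAFE_HREF, $attr->value));
            if ($bad) {
                $child->removeAttributeNode($attr); // on* handlers, style, javascript: URLs
            }
        }
        cleanChildren($child);
    }
}

function sanitizePostContent(string $html): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);               // tolerate malformed markup quietly
    $doc->loadHTML('<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><body>' . $html, LIBXML_NONET);
    libxml_clear_errors();
    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) { return ''; }
    cleanChildren($body);
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);             // re-serialize from the cleaned DOM
    }
    return $out;
}

// Constructed sample input, as it would reach the server if client-side checks were skipped.
$submitted = '<p onclick="x()">Hello</p><script>x()</script><a href="javascript:x()">link</a>';
echo sanitizePostContent($submitted), PHP_EOL;
```

The sanitizer fails closed: anything not on the allowlist is dropped together with its content. A production deployment would normally rely on a maintained HTML sanitizer library rather than a hand-written one.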