PySpector Stored Cross-Site Scripting Vulnerability Allowing JavaScript Execution
Vulnerability
A stored Cross-Site Scripting vulnerability has been identified in PySpector versions through 0.1.6, specifically within the HTML report generator. This issue arises when PySpector scans Python files that contain JavaScript payloads, particularly those embedded in strings passed to the eval() function. The flagged code snippets are inserted into the HTML report without proper sanitization. As a result, when the report is opened in a browser, the embedded JavaScript executes in the context of the local file.
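The pattern described above, as an added example that is not PySpector's code: a minimal report renderer in the vulnerable form (flagged snippet interpolated verbatim) beside an escaped form with a restrictive CSP as defence in depth. The Finding fields and the sample eval() snippet are constructed for illustration.

```python
# Added example (not PySpector's code): unsafe vs. escaped HTML report rendering.
import html
from dataclasses import dataclass


@dataclass
class Finding:
    path: str
    line: int
    rule: str
    snippet: str  # raw source text flagged by the scanner (attacker-influenced)


# Constructed sample: a scanned file whose eval() argument carries HTML markup.
SAMPLE = [
    Finding("app/views.py", 12, "eval-usage",
            'eval("<script>/* constructed marker */</script>")'),
]


def render_unsafe(findings):
    """Vulnerable pattern: the scanner output lands in the page unescaped."""
    rows = "".join(
        f"<tr><td>{f.path}:{f.line}</td><td>{f.rule}</td>"
        f"<td><code>{f.snippet}</code></td></tr>"
        for f in findings
    )
    return f"<html><body><table>{rows}</table></body></html>"


def render_safe(findings):
    """Hardened: every scanner-controlled field is HTML-escaped (quotes too),
    and a CSP meta tag blocks inline script even if an escape is ever missed."""
    def esc(value):
        return html.escape(str(value), quote=True)
    rows = "".join(
        f"<tr><td>{esc(f.path)}:{esc(f.line)}</td><td>{esc(f.rule)}</td>"
        f"<td><code>{esc(f.snippet)}</code></td></tr>"
        for f in findings
    )
    csp = ('<meta http-equiv="Content-Security-Policy" '
           'content="default-src \'none\'; style-src \'unsafe-inline\'">')
    return f"<html><head>{csp}</head><body><table>{rows}</table></body></html>"


def has_raw_script_tag(report: str) -> bool:
    """Regression check: no literal <script> tag may survive rendering."""
    return "<script" in report.lower()


if __name__ == "__main__":
    print("unsafe report leaks tag:", has_raw_script_tag(render_unsafe(SAMPLE)))
    print("escaped report leaks tag:", has_raw_script_tag(render_safe(SAMPLE)))
```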
Impact
Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the browser's local file context, potentially leading to unauthorized manipulation of the Document Object Model, redirection to malicious websites, or theft of locally accessible data from file paths, depending on the browser.
Reproduction
To reproduce this vulnerability, create a Python file containing a JavaScript payload embedded in a string argument to eval(). Run PySpector against the file, ensuring to generate an HTML report. Once the report is created, open it in a web browser, which will trigger the execution of the embedded JavaScript.
Remediation
Users can upgrade to PySpector version 0.1.7, where this vulnerability has been patched.