atjiu pybbs Stored Cross-Site Scripting Vulnerability in Topic Creation
Vulnerability
A stored cross-site scripting vulnerability has been identified in atjiu pybbs version 6.0.0. This issue arises in the TopicApiController's create function, where user-submitted HTML is not properly sanitized before being saved to the database. When the application is set to RICH content mode, this allows authenticated users to inject malicious JavaScript that executes when other users view the topic. The vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.
Impact
Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the topic.
Reproduction
To reproduce this vulnerability, first ensure that the atjiu pybbs application is running version 6.0.0 and is configured to use RICH content mode. This can be set in the admin panel under system settings. Once RICH mode is enabled, create a new topic and inject a script, such as an SVG image with an onload event, into the content. After posting the topic, the injected script will execute when the topic is viewed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.