Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

FlashCanvas 1.5 proxy.php XSS Vulnerability

From: code () 7elements co uk
Date: Wed, 11 Dec 2013 15:59:54 GMT
Advisory Information

Title: FlashCanvas proxy.php XSS Vulnerability

Date published: 11 December 2013

Reference: CVE-2013-6880

Advisory Summary

Script does not adequately verify the Referer header before requesting (via curl) the remote URL specified in the ‘url’ 
GET parameter and rendering it.

Vendor

FlashCanvas.net <http://flashcanvas.net/>

Affected Software

FlashCanvas 1.5 and possibly older.

FlashCanvas is also used in other software frameworks such as WebShims, therefore the affected software maybe wider.

Description of Issue

The issue exists because the proxy.php script does not adequately verify the Referer header before requesting (via 
curl) the remote URL specified in the ‘url’ GET parameter and rendering it. This leads to some interesting 
possibilities, the one proved being cross-site scripting. 

More technical detail can be found here:
http://www.7elements.co.uk/resources/blog/cve-2013-6880-proof-concept/


Fix

We would recommend updating to version 1.6 http://flashcanvas.net/release/1.6
Previous By Date Next
Previous By Thread Next

Current thread: