Bugtraq mailing list archives
FlashCanvas 1.5 proxy.php XSS Vulnerability
From: code () 7elements co uk
Date: Wed, 11 Dec 2013 15:59:54 GMT
Advisory Information Title: FlashCanvas proxy.php XSS Vulnerability Date published: 11 December 2013 Reference: CVE-2013-6880 Advisory Summary Script does not adequately verify the Referer header before requesting (via curl) the remote URL specified in the url GET parameter and rendering it. Vendor FlashCanvas.net <http://flashcanvas.net/> Affected Software FlashCanvas 1.5 and possibly older. FlashCanvas is also used in other software frameworks such as WebShims, therefore the affected software maybe wider. Description of Issue The issue exists because the proxy.php script does not adequately verify the Referer header before requesting (via curl) the remote URL specified in the url GET parameter and rendering it. This leads to some interesting possibilities, the one proved being cross-site scripting. More technical detail can be found here: http://www.7elements.co.uk/resources/blog/cve-2013-6880-proof-concept/ Fix We would recommend updating to version 1.6 http://flashcanvas.net/release/1.6
Current thread:
- FlashCanvas 1.5 proxy.php XSS Vulnerability code (Dec 11)