FlashCanvas <= 1.5 Reflected Cross-site Scripting Attack

low Nessus Network Monitor Plugin ID 8110

Synopsis

The remote host is running a vulnerable version of FlashCanvas.

Description

Versions of FlashCanvas 1.5 and possibly earlier are vulnerable to a flaw that allows a reflected cross-site scripting (XSS) attack, due to lack of input validation of the referer header when submitted to the proxy.php script. An attacker could leverage this to execute arbitrary code in the user's browser within the security context of the browser and the server.

Solution

Upgrade to Flash Canvas Pro 1.6 or later. The vendor also advises removing proxy.php from the web directory if upgrading is not possible.

See Also

http://flashcanvas.net/release/1.6

http://packetstormsecurity.com/files/124404/FlashCanvas-1.5-Cross-Site-Scripting.html

http://www.7elements.co.uk/news/cve-2013-6880

Plugin Details

Severity: Low

ID: 8110

Family: Web Servers

Published: 2/11/2014

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.6

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:shinyamuramatsu:flashcanvas

Patch Publication Date: 12/11/2013

Vulnerability Publication Date: 12/11/2013

Reference Information

CVE: CVE-2013-6880

BID: 64251