FlashCanvas <= 1.5 Reflected Cross-site Scripting Attack

Medium

Synopsis

The remote host is running a vulnerable version of FlashCanvas.

Description

Versions of FlashCanvas 1.5 and possibly earlier are vulnerable to a flaw that allows a reflected cross-site scripting (XSS) attack, due to a lack of input validation of the Referer header when it is submitted to the proxy.php script. An attacker could leverage this to execute arbitrary script code in the user's browser within the security context of the browser and the server.

Solution

Upgrade to Flash Canvas Pro 1.6 or later. The vendor also advises removing proxy.php from the web directory if upgrading is not possible.