CVE-2024-4023

HIGH

flatpress 1.3 - Stored Cross-Site Scripting via .xsig File Upload

Title source: llm

Description

A stored cross-site scripting (XSS) vulnerability exists in flatpressblog/flatpress version 1.3. When a user uploads a file with a `.xsig` extension and directly accesses this file, the server responds with a Content-type of application/octet-stream, leading to the file being processed as an HTML file. This allows an attacker to execute arbitrary JavaScript code, which can be used to steal user cookies, perform HTTP requests, and access content of the same origin.

References (2)

Core 2

Core References

Patch

https://github.com/flatpressblog/flatpress/commit/3c9cc69364a45fd3f92d4bd606344b5dd1205d6a

View Patch ZIP pw:eip

Exploit, Third Party Advisory

https://huntr.com/bounties/ed803c13-0858-4c22-93ba-bf2384ab1e9d

Scores

CVSS v3 8.1

EPSS 0.0075

EPSS Percentile 50.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

flatpress/flatpress 1.3

Published Mar 20, 2025

Tracked Since Feb 18, 2026