Home page logo
/

bugtraq logo Bugtraq mailing list archives

FlashCanvas 1.5 proxy.php XSS Vulnerability
From: code () 7elements co uk
Date: Wed, 11 Dec 2013 15:59:54 GMT

Advisory Information

Title: FlashCanvas proxy.php XSS Vulnerability

Date published: 11 December 2013

Reference: CVE-2013-6880

Advisory Summary

Script does not adequately verify the Referer header before requesting (via curl) the remote URL specified in the ‘url’ 
GET parameter and rendering it.

Vendor

FlashCanvas.net <http://flashcanvas.net/>

Affected Software

FlashCanvas 1.5 and possibly older.

FlashCanvas is also used in other software frameworks such as WebShims, therefore the affected software maybe wider.

Description of Issue

The issue exists because the proxy.php script does not adequately verify the Referer header before requesting (via 
curl) the remote URL specified in the ‘url’ GET parameter and rendering it. This leads to some interesting 
possibilities, the one proved being cross-site scripting. 

More technical detail can be found here:
http://www.7elements.co.uk/resources/blog/cve-2013-6880-proof-concept/


Fix

We would recommend updating to version 1.6 http://flashcanvas.net/release/1.6


  By Date           By Thread  

Current thread:
  • FlashCanvas 1.5 proxy.php XSS Vulnerability code (Dec 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault