Stored XSS via blog author parameter on admin.php?p=config in flatpressblog/flatpress
Valid
Reported on
Jan 1st 2023
Description
The blog author parameter is unsanitized on the page admin.php?p=config. In this way is possible to inject arbitrary javascript code
Proof of Concept
- Login as regular user
- Go to http://localhost/flatpress/admin.php?p=config
- Set as blog author
"><script>alert(document.domain)</script> - Refresh page

Impact
JavaScript code can be executed on the user end without any interaction.
We are processing your report and will contact the
flatpressblog/flatpress
team within 24 hours.
4 months ago
We have contacted a member of the
flatpressblog/flatpress
team and are waiting to hear back
4 months ago
The researcher's credibility has increased: +7
The fix bounty has been dropped
This vulnerability has been assigned a CVE
This vulnerability is scheduled to go public on
Mar 1st 2023
to join this conversation
