Flightpath 4.8.3 XSS

    Disclosure date:  08/16/19


    Flightpath 4.8.3 and possibly before are affected by numerous Cross Site Script vulnerabilities in the "Content", "Edit urgent message", and "Users" section of the Admin Console.  This could lead to cookie stealing and other malicious actions.  This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors.

    From the Content menu, create or edit an item from the list and populate the Title with XSS:

    When selecting Submit:

    We view the XSS exploitation.  

    Viewing the POST request in Burp:

    The source for the corresponding form:

    © 2020 sevenlayers.com