CVE-2021-36646 Scanner
CVE-2021-36646 Scanner - Cross-Site Scripting (XSS) vulnerability in KodExplorer
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 2 weeks 10 hours
Scan only one: URL
Toolbox: -
KodExplorer is a web-based file management system used by businesses and individuals as a personal cloud disk manager. It allows users to view, edit, and share files online, providing functionality similar to a proprietary cloud storage solution. KodExplorer supports a wide range of file types and includes features such as user permission management, which makes it a common choice for collaborative environments. Companies use KodExplorer to streamline file sharing and improve productivity in virtual workspaces.
The vulnerability detected in KodExplorer is a Cross-Site Scripting (XSS) vulnerability. This type of vulnerability can allow attackers to inject malicious scripts into web pages viewed by other users. If successfully exploited, it enables attackers to execute malicious JavaScript within the context of another user's session. This scenario is particularly dangerous as it can be used to steal user credentials, session tokens, or other sensitive information.
The KodExplorer vulnerability resides in its file view functionality, specifically in the app/template/api/view.html file. The vulnerability is triggered when user-supplied input in the 'path' parameter is reflected back in the web page response without adequate sanitization or encoding. This flaw allows attackers to inject and execute arbitrary JavaScript code in the user's browser, potentially leading to hijacked user sessions or unauthorized actions.
Exploiting this vulnerability could allow attackers to conduct phishing attacks, redirect users to malicious sites, or perform unauthorized actions on behalf of affected users. The impact also includes a heightened risk of data leakage or corruption, since an attacker acting in a victim's session can reach any data that session's permissions allow. Organizations running KodExplorer without the relevant security updates remain exposed to this flaw.
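As an added example (not part of this page or of the KodExplorer code base), the following Python script shows the defender's side of the flaw described above: it scans web-server access logs for requests to the view.html endpoint whose 'path' parameter carries HTML-breaking characters, and it shows the output-encoding step that neutralizes such a value before it is reflected. The log format, request URL layout and log lines are assumptions constructed for the example.

```python
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined log format assumed).
# Two requests probe the 'path' parameter of the vulnerable template file;
# the others are ordinary traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /app/template/api/view.html?path=%2Fdocs%2Freport.pdf HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2024:10:00:07 +0000] "GET /app/template/api/view.html?path=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640
10.0.0.9 - - [01/Jan/2024:10:00:09 +0000] "GET /app/template/api/view.html?path=%22%20onmouseover%3D%22x HTTP/1.1" 200 640
10.0.0.7 - - [01/Jan/2024:10:00:12 +0000] "GET /index.php?user/login HTTP/1.1" 200 300
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)
# A legitimate file path never needs these; any of them can break out of an
# HTML context when reflected unencoded.
MARKUP_RE = re.compile(r'[<>"\']|javascript:', re.IGNORECASE)
VULN_ENDPOINT = "/app/template/api/view.html"  # assumed URL of the template file


def suspicious_path_values(log_text):
    """Return (client_ip, decoded 'path' value) for every request to the
    view endpoint whose 'path' parameter contains markup characters."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("url"))
        if not url.path.endswith(VULN_ENDPOINT):
            continue
        # parse_qs decodes once; decode again to catch double-encoded probes.
        for value in parse_qs(url.query, keep_blank_values=True).get("path", []):
            decoded = unquote(value)
            if MARKUP_RE.search(decoded):
                hits.append((m.group("ip"), decoded))
    return hits


def render_path_safely(path_value):
    """Mitigation on the output side: HTML-encode the value (including quotes)
    before it is placed in the page, so it is displayed, not interpreted."""
    return html.escape(path_value, quote=True)


if __name__ == "__main__":
    for ip, value in suspicious_path_values(SAMPLE_LOG):
        print(f"{ip} sent markup in path: {render_path_safely(value)}")
```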