CVE-2023-49489 Scanner

KodExplorer is a web-based file management system designed for personal cloud storage, online document editing, and team collaboration. It is commonly used by developers, enterprises, and educational institutions to manage and share files efficiently. With its extensive plugin system and rich UI, KodExplorer provides users with a seamless file access experience. The software allows users to edit, preview, and manage files from anywhere via a web interface. KodExplorer is widely adopted due to its ease of installation and compatibility with various hosting environments. However, like any web-based application, it is susceptible to security vulnerabilities.

The identified vulnerability is a Reflective Cross-Site Scripting (XSS) issue in KodExplorer version 4.51. XSS vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users. In this case, the vulnerability exists in the "APP_HOST" parameter within the configuration files. By exploiting this flaw, attackers can execute arbitrary JavaScript in the victim’s browser. This can lead to unauthorized access to sensitive information, session hijacking, and privilege escalation. The impact of such vulnerabilities depends on the application's user base and data sensitivity.

The vulnerability is located in the APP_HOST parameter at config/i18n/en/main.php. Attackers can craft a malicious request embedding JavaScript payloads within the parameter, which is then executed when rendered in the user's browser. The exploitation relies on injecting payloads directly via a crafted HTTP request. Since this is a reflective XSS vulnerability, the malicious script is not stored on the server but executed in real-time when the victim accesses the affected page. The vulnerability is triggered when the user interacts with the manipulated URL or request. This flaw allows attackers to manipulate browser-side content dynamically, leading to various attack scenarios.

If exploited, this vulnerability can result in severe security issues for users and administrators. Attackers can steal cookies, session tokens, and other sensitive credentials, leading to account takeovers. Additionally, the vulnerability can be used for phishing attacks by injecting deceptive content into legitimate pages. Users can also be redirected to malicious sites, resulting in further compromise. In multi-user environments, attackers may gain unauthorized access to higher-privileged accounts. Ultimately, persistent exploitation of such vulnerabilities can degrade the integrity and security of the KodExplorer application.

REFERENCES

• https://github.com/kalcaddle/KodExplorer/issues/526