{"id":35864,"date":"2024-12-02T21:10:27","date_gmt":"2024-12-02T15:40:27","guid":{"rendered":"https:\/\/www.getastra.com\/blog\/?p=35864"},"modified":"2024-12-02T21:12:12","modified_gmt":"2024-12-02T15:42:12","slug":"stored-xss-vulnerability-in-dynamic-dashboard-paragraph-widget","status":"publish","type":"post","link":"https:\/\/www.getastra.com\/blog\/vulnerability\/stored-xss-vulnerability-in-dynamic-dashboard-paragraph-widget\/","title":{"rendered":"Stored XSS Vulnerability in Dynamic Dashboard Paragraph Widget"},"content":{"rendered":"
\n\n

Product Name:<\/strong> Dynamic Dashboard
Vulnerability:<\/strong> Stored XSS
Vulnerable Version: <\/strong>>= 3.0.0, < 3.0.1
CVE:<\/strong> CVE-2024-47817<\/p>\n\n<\/div>\n\n\n

On October 5, 2024, the security researchers from Astra discovered a severe Stored Cross-Site Scripting vulnerability in Dynamic Dashboard\u2019s paragraph widget. The widget, used for text and markdown, has inadequate input sanitization allowing attackers to inject malicious code. This injected code can be executed within the any user\u2019s or admin\u2019 browser compromising overall user security.<\/p>\n\n\n\n

<\/span>How Does a Stored XSS Vulnerability Occur?<\/span><\/h2>\n\n\n\n

Phase 1: Injection<\/h3>\n\n\n\n

The attack starts with the attacker injecting malicious JavaScript code into the application through various payloads and embedding it via the Markdown links in the widget.<\/p>\n\n\n\n

Phase 2: Storage<\/h3>\n\n\n\n

The code injected through the paragraph widget is then stored into the application database and is reflected on a certain section of the application waiting for any user or admin to interact with it.<\/p>\n\n\n\n

Phase 3: Execution<\/h3>\n\n\n\n

Every time any user or an admin visits the affected page with the paragraph widget, the malicious code is triggered in their browser sessions. This can be used for various types of exploits like data theft, account takeover or distribution of malware.<\/p>\n\n\n\n

<\/span>Impact of Stored XSS Vulnerability<\/span><\/h2>\n\n\n\n

Session Hijacking <\/h3>\n\n\n\n

Attackers can use this vulnerability to hijack sessions by stealing other users’ cookies or session tokens, leading to unauthorized data access and complete account takeover.<\/p>\n\n\n\n

Malware Distribution <\/h3>\n\n\n\n

Stored XSS is a persistent vulnerability, allowing attackers to spread malware through the injected pages as XSS is triggered for every user that interacts with the infected page.<\/p>\n\n\n\n

Website Defacement<\/h3>\n\n\n\n

Malicious scripts used for XSS can also alter webpage content , inject ads or deface the website disrupting the user experience directly affecting the trust of the users on the website.<\/p>\n\n\n\n

<\/span>Current Status and Mitigation<\/span><\/h2>\n\n\n\n

Following the discovery of the vulnerability, the Dynamic Dashboard development team was promptly notified. The team acknowledged the vulnerability affected versions >3.0.0. The team quickly applied fixes like input sanitization and output encoding in their v3.0.2 release to ensure that the user input code was not executed within the application.<\/p>\n\n\n\n

<\/span>What Can You Do?<\/span><\/h2>\n\n\n\n

Update the affected version to the latest version released by the Dynamic Dashboard<\/a> team.<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Product Name: Dynamic DashboardVulnerability: Stored XSSVulnerable Version: >= 3.0.0, < 3.0.1CVE: CVE-2024-47817 On October 5, 2024, the security researchers from Astra discovered a severe Stored Cross-Site Scripting vulnerability in Dynamic Dashboard\u2019s paragraph widget. The widget, used for text and markdown, has inadequate input sanitization allowing attackers to inject malicious code. This injected code can be … Read more<\/a><\/p>\n","protected":false},"author":121,"featured_media":35865,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[723],"tags":[],"class_list":["post-35864","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/35864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/users\/121"}],"replies":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/comments?post=35864"}],"version-history":[{"count":2,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/35864\/revisions"}],"predecessor-version":[{"id":36790,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/35864\/revisions\/36790"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/media\/35865"}],"wp:attachment":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/media?parent=35864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/categories?post=35864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/tags?post=35864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}