CVE-2024-31835
Description
A stored cross-site scripting vulnerability in FlatPress CMS v1.3 allows an authenticated admin attacker to execute arbitrary JavaScript by uploading a file with a crafted filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stored cross-site scripting vulnerability in FlatPress CMS v1.3 allows an authenticated admin attacker to execute arbitrary JavaScript by uploading a file with a crafted filename.
Vulnerability
FlatPress CMS v1.3 is vulnerable to a stored cross-site scripting (XSS) in the admin panel's file upload functionality. The filename parameter is not sanitized, allowing an attacker to inject arbitrary HTML/JavaScript. The vulnerability resides in the uploader component accessed via /admin.php?p=uploader&action=mediamanager. [1]
Exploitation
An attacker must have valid admin credentials to access the file upload page. The attacker intercepts the upload request (e.g., using Burp Suite) and modifies the filename to include a JavaScript payload, such as testtest. The malicious file is then stored on the server. [1]
Impact
Successful exploitation results in stored XSS. When the filename is rendered in the admin panel (e.g., in the media manager), the injected script executes in the context of the admin's browser. This can lead to session hijacking, defacement, or further compromise of the FlatPress instance. The description notes arbitrary code execution, but the practical impact is client-side JavaScript execution. [1]
Mitigation
As of the publication date (2024-10-01), no official patch has been released. The advisory states that a fix will be included in FlatPress version 1.3, but the current version 1.3 is affected. Users should restrict admin panel access and consider applying input validation on file names as a temporary workaround. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The file upload functionality does not properly sanitize filenames, allowing for the injection of malicious scripts."
Attack vector
A remote attacker can exploit this vulnerability by uploading a file with a crafted filename containing an XSS payload to the FlatPress CMS Admin Panel's file upload field [ref_id=1]. The payload is injected into the filename parameter, which is then rendered without proper sanitization. This allows the attacker to execute arbitrary code in the context of the victim's browser [ref_id=1].
Affected code
The vulnerability resides within the file upload functionality of the FlatPress CMS Admin Panel, specifically related to how the filename parameter is handled during the upload process [ref_id=1].
What the fix does
The advisory indicates that Flatpress v1.3 will contain a fix for this vulnerability. The exact details of the patch are not provided, but it is expected to involve proper sanitization of the filename parameter during the file upload process to prevent XSS payloads from being executed [ref_id=1].
Preconditions
- authThe attacker must have administrative access to the FlatPress CMS to reach the file upload functionality [ref_id=1].
Reproduction
1. Login with an admin account and navigate to the media manager uploader URL: `http://127.0.0.1/flatpress-1.2.1/admin.php?p=uploader&action=mediamanager` [ref_id=1]. 2. Intercept the file upload request using a proxy like Burp Suite. 3. Inject a JavaScript payload into the filename parameter, for example: `test<img src=a onerror=alert(1)>test` [ref_id=1]. 4. Complete the upload process to trigger the XSS payload.
Generated on Jun 6, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1News mentions
0No linked articles in our index yet.