From this webpage screenshot, the following key information about the vulnerability can be obtained:

1. Vulnerability Name:
2. Severity: High (8.0/10)
3. Publisher:
4. Publication Date: Last week
5. Affected Version:
6. Fixed Version:
7. Description:
   - Blog Post:
   - Potential Threat: An attacker may take over an admin account by modifying the "Custom URL - Logo" field.
8. Details:
   - Vulnerability Overview: In the "Interface" section of the Ampache menu, users can modify the "Custom URL - Logo" field. However, this field lacks proper input validation, allowing the injection of strings that can execute JavaScript.
9. Expected Normal Usage:
   - When a user modifies the logo URL, the expected output should be:
10. Attack Scenario:
    - An attacker can inject the following code:
11. Recommended Fix:
    - Implement stricter input validation to prevent execution of arbitrary JavaScript code, including validating inputs to ensure only safe and expected values are allowed.
12. Exploitation Scenario:
    - CSRF Login: The attacker creates a malicious link; when clicked, it triggers a CSRF request to log the admin into the attacker's account.
    - XSS Injection: The XSS payload executes, captures the admin's cookies, stores them locally, clears all cookies (logging out the admin), and sets the attacker's cookies to a specific path. When the admin logs back in and accesses , the application uses the attacker's cookies for the session.
    - Redirect to Login: The admin is redirected to to re-authenticate.
    - Access : The admin accesses , where the XSS payload executes again, leading to cookie leakage.
13. PoC:
    - A video demonstration (PoC) was created to illustrate the vulnerability and can be viewed under .
14. Impact:
    - This vulnerability enables account takeover and allows JavaScript execution on any page. This could lead to unauthorized access, data theft, and potentially complete system compromise.
This information provides a detailed overview of the vulnerability’s nature, impact, and remediation recommendations, aiding in understanding its severity and how to resolve it.
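As an added illustration of the recommended fix in item 11 (this is example code written for this summary, not Ampache's own code), the following Python shows the two layers a logo-URL setting should have: an allow-list validator on input that accepts only absolute http(s) URLs and rejects anything carrying a script scheme or attribute-breaking characters, and attribute escaping on output so a bad stored value still cannot break out of the `src` attribute. The fallback image path and the sample inputs are constructed for the example.

```python
from html import escape
from urllib.parse import urlparse

# Only plain web URLs are acceptable for a logo; javascript:, data:,
# vbscript: and scheme-less values are rejected by the allow-list.
ALLOWED_SCHEMES = {"http", "https"}

# Characters that can close an HTML attribute or tag if the value is
# later interpolated into markup. None belong in a logo URL.
FORBIDDEN_CHARS = set('<>"\'` \t\r\n')

# Constructed placeholder for the default logo shown on rejection.
DEFAULT_LOGO = "/images/default-logo.png"


def validate_logo_url(value: str) -> bool:
    """Return True only for an absolute http(s) URL safe to store."""
    if not value or len(value) > 2048:
        return False
    if any(c in FORBIDDEN_CHARS for c in value):
        return False
    parsed = urlparse(value)
    if parsed.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    # "http:evil" parses with an http scheme but no host; reject it too.
    return bool(parsed.netloc)


def render_logo_tag(value: str) -> str:
    """Render the <img> element with the value escaped for an attribute.

    Output escaping is the second layer: even if an unvalidated value
    reached the database, it is rendered as text, not as markup."""
    src = value if validate_logo_url(value) else DEFAULT_LOGO
    return '<img src="%s" alt="logo">' % escape(src, quote=True)


if __name__ == "__main__":
    # Constructed inputs: one legitimate URL, one script scheme,
    # one attribute-breakout attempt.
    for sample in ("https://cdn.example.com/logo.png",
                   "javascript:void(0)",
                   'http://cdn.example.com/logo.png" onload="x'):
        print(validate_logo_url(sample), render_logo_tag(sample))
```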