Critical Vulnerability Information Vulnerability Overview Vulnerability Type: Reflected Cross-Site Scripting (XSS) Affected Versions: WebSSH <= v1.6.2 Discovery Date: April 9, 2025 Vulnerability Details Affected Parameter: port (GET) Affected URL: CVE ID: CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-Site Scripting) Root Cause Analysis The application directly injects unvalidated user input from the query parameter into the HTML response, allowing arbitrary JavaScript code to execute in the user's browser. Impact Execution of arbitrary JavaScript in victim's browser Session hijacking and credential theft Phishing via trusted domains Cross-Site Request Forgery (CSRF) via JavaScript Browser-based malware injection Description This reflected XSS vulnerability exists in the parameter of WebSSH <= v1.6.2. Attackers can craft a malicious URL to inject JavaScript into the server's response, causing it to execute in the victim's browser. This issue is unrelated to any prior XSS findings in the parameter. Public Disclosure GitHub Issue: huashengdun/WebSSH#410 Disclosure Date: April 9, 2025 Proof of Concept (PoC) Confirmed Payload: Recommended Remediation Implement strict input validation (e.g., ensure contains only digits) Escape or encode dynamic content before rendering as HTML Use template engines that automatically escape user input Enforce a strong Content Security Policy (CSP) Security Recommendations Sanitize and validate all user input Enable HTTP-only and Secure cookie flags Conduct regular code reviews and XSS testing Deploy a Web Application Firewall (WAF) Educate developers on secure coding practices