Davidedc97

Name of the Vulnerable Software and Affected Versions: flaskBlog versions 2.8.0 and earlier Description: The application checks the `userRole` for "admin" privileges only when accessing the /admin page, but not its subroutes. Specifically, the check is performed in `routes/adminPanel.py`, but not in `routes/adminPanelComments.py` and `routes/adminPanelPosts.py`. This allows unauthorized users to bypass access restrictions and access sensitive data on the following pages: /admin/posts, /adminpanel/posts, /admin/comments, and /adminpanel/comments. Recommendations: flaskBlog versions prior to 2.8.0: Implement role-based access control checks for all subroutes of the /admin page, including `routes/adminPanelComments.py` and `routes/adminPanelPosts.py`, to ensure that only authorized users can access these pages.

Name of the Vulnerable Software and Affected Versions: flaskBlog versions prior to 2.8.0 Description: flaskBlog is a blog application built with Flask. A stored cross-site scripting (XSS) issue exists due to a lack of validation for the content of a post stored in the `postContent` variable. The application displays the post content using the `| safe` filter, which disables output escaping, leading to potential XSS exploitation. The vulnerable code resides in the template/routes.html file. Recommendations: Update flaskBlog to version 2.8.0 or later.

Name of the Vulnerable Software and Affected Versions: flaskBlog versions prior to 2.8.1 Description: flaskBlog is a blog app built with Flask. An arbitrary user can change their role to "admin", granting administrative privileges such as deleting users, posts, and comments. The issue resides in the `routes/adminPanelUsers` file. Recommendations: Update to version 2.8.1 or later.

Name of the Vulnerable Software and Affected Versions: flaskBlog versions prior to 2.8.0 Description: flaskBlog is a blog application built with Flask. A flaw exists where there is no validation of comment ownership during deletion. This allows any user to delete comments belonging to other users on any post by intercepting the delete request and modifying the `commentID`. The vulnerable code is located in `routes/post.py`. Recommendations: Update flaskBlog to version 2.8.0 or later.