CVE-2023-38501

Name of the Vulnerable Software and Affected Versions copyparty versions prior to 1.8.7

Description The application contains a reflected cross-site scripting vulnerability via URL-parameters ?k304=... and ?setck=.... This could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link.

Recommendations For versions prior to 1.8.7, update to version 1.8.7 to resolve the issue. As a precautionary measure, consider changing the passwords of your copyparty accounts, unless you have inspected your logs and found no trace of attacks. If copyparty is running behind a reverse proxy, check the access-logs for traces of attacks by grepping for URLs containing ?hc= with < somewhere in its value.