Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE (Security News, June 2021)

An unpatched stored cross-site-scripting security vulnerability affecting Linux marketplaces could allow unchecked, wormable supply-chain attacks, researchers have found.
To boot, the PlingStore application is affected by an unpatched remote code-execution vulnerability, which researchers said can be triggered from any website while the app is running - allowing for drive-by attacks.
After adding an XSS payload in the HTML code section of a listing, the researcher found that the XSS could be triggered simply by visiting the malicious listing in the affected marketplace.
Attackers could exploit the bug to modify active listings, or post new listings on Pling-based stores in the context of other users, resulting in a wormable XSS, the researcher warned.
"Besides the typical XSS implications, this would allow for a supply-chain attack XSS worm using a JavaScript payload that performs the following two steps: Upload a new version of their software; [and] change the metadata of the victim's listings to itself include this malicious payload," he said.
Essentially, any of the downloadable assets might be compromised, so users should be warned that any listing on any of the affected marketplaces could hijack a user's account on the platform via XSS, Bräunlein said.
News URL
https://threatpost.com/unpatched-linux-marketplace-bugs-rce/167155/