Tushar_infosec
Sep 21, 2023 (2 min read)

Reflected XSS in Admin Panel

Report ID: CVE-2023-41616
Date: August 26, 2023
Reported By: Tushar Gurav (guravtushar231@gmail.com)

Summary:
I am writing to report a critical reflected cross-site scripting (XSS) vulnerability identified in the “Search Student” feature of the Student Management admin panel. By injecting a specially crafted payload, an attacker can trigger the execution of arbitrary JavaScript code in the context of another user’s browser. This report documents the vulnerability and its potential risks.

Vulnerability Details:

Vulnerability Type: Reflected Cross-Site Scripting (XSS)
Affected Component: Admin Panel — Search Student
Affected Versions: All versions up to the latest release (v1.2.3)
CVE ID: CVE-2023-41616
Description:
The “Search Student” feature within the admin panel of the Student Management is vulnerable to a reflected cross-site scripting (XSS) attack. The application reflects the search term into the response page without sanitizing or encoding it, so malicious JavaScript supplied in the search field becomes part of the page. As a consequence, when an attacker inserts a specially crafted payload, such as "><script>alert(document.cookie)</script>, and a victim interacts with the malicious link, the payload is executed, triggering an alert displaying the victim’s cookies.

Steps to Reproduce:

1. Log in to the admin panel of the Student Management.
2. Navigate to the “Search Student” section.
3. Enter the following payload in the search field:

   "><script>alert(document.cookie)</script>

4. Initiate the search or perform any action that triggers the payload.
5. An alert will pop up displaying the victim’s cookies.

Impact:
Successful exploitation of this vulnerability allows an attacker to execute arbitrary JavaScript code within the context of another user’s browser. This can lead to:

- Theft of sensitive data, such as cookies or session tokens.
- Malicious actions performed on behalf of the victim.
- Distribution of malware or phishing attacks to application users.

Recommendation:
To address this vulnerability and enhance the security of the Student Management, the following actions are recommended:

- Input Validation: Implement robust input validation and sanitization to prevent the injection of malicious code.
- Output Encoding: Properly encode user-generated content before rendering it in the response.
- Content Security Policy (CSP): Implement a strict CSP header to mitigate the impact of XSS attacks.
- Security Testing: Regularly conduct security assessments, including vulnerability scanning and penetration testing, to identify and remediate potential security flaws.

Proof of Concept:
A detailed proof of concept is not provided in this report to prevent any potential misuse. The steps outlined above should be sufficient for your team to validate and address the issue.