SourceCodester Simple Cold Storage Management System Setting cross site scripting

Vulnerability

A reflected cross-site scripting (XSS) vulnerability exists in SourceCodester Simple Cold Storage Management System version 1.0. The issue affects the Setting Handler component, specifically the file /csms/admin/?page=system_info. The System Name and System Short Name parameters are not properly sanitized before being output, allowing an attacker to inject arbitrary JavaScript code. The vulnerability has been publicly disclosed and a proof-of-concept exists [1].

Exploitation

An attacker can trigger the vulnerability by sending a crafted HTTP GET request to the vulnerable endpoint with malicious JavaScript payloads in the System Name or System Short Name parameters. The attack is remotely exploitable and does not require authentication. No special network position or user interaction beyond visiting the crafted URL is needed. The public proof-of-concept demonstrates the injection via the System Name parameter [1].

Impact

Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of the victim's browser. This can lead to session hijacking, defacement, or theft of sensitive information displayed on the page. The impact is limited to the user's browser session, but given the administrative context of the page, it could compromise admin credentials or actions.

Mitigation

As of the publication date (2022-10-17), no official patch or fixed version has been released by SourceCodester. The vendor has not acknowledged the issue. Users are advised to implement input sanitization for the System Name and System Short Name parameters, or to restrict access to the /csms/admin/ directory to trusted users only. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.