SourceCodester Sanitization Management System cross site scripting

Vulnerability

A cross-site scripting (XSS) vulnerability exists in SourceCodester Sanitization Management System (php-sms). The flaw affects the file php-sms/?p=request_quote. An attacker can inject arbitrary JavaScript code into the application, which then executes in the browser of a user visiting the crafted URL. The exact version range is not specified in the available references, but the product is reported as vulnerable as of the publication date [2022-11-11] [1].

Exploitation

An attacker can trigger this vulnerability remotely without requiring authentication. The attack is initiated by crafting a URL containing malicious script code in the p parameter (or related parameters) of the request_quote endpoint. No user interaction beyond visiting the crafted link is needed for the payload to execute in the victim's browser [1].

Impact

Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's session on the affected site. This can lead to theft of session cookies, modification of page content, or redirection to malicious sites. The impact is limited to the browser of the targeted user; server-side code is not directly compromised [1].

Mitigation

No official fix from SourceCodester has been released as of the publication date. A workaround is to sanitize and validate user input for the request_quote page, and to enforce Content Security Policy (CSP) headers. Users should restrict access to the application or apply a web application firewall (WAF) rule to block malicious query strings. Not yet listed on CISA KEV.