Post

Zero-Click Cross Site Scripting (XSS) in Teachers Record Management System Using Codeigniter v1.0 (CVE-2022-40471)

Posted
By RashidKhan Pathan 1 min read

Date: Nov 3, 2022

Discoverer: RashidKhan Pathan

Vulnerability Type: Cross-Site Scripting (XSS)

Vendor: Phpgurukul

Affected Product: Teachers Record Management System using CodeIgniter - 1.0

Description: A critical cross-site scripting (XSS) vulnerability, identified as CVE-2022-41445, has been unearthed in the Teachers Record Management System using CodeIgniter 1.0. This vulnerability empowers attackers to execute arbitrary web scripts or HTML by injecting a specially crafted payload into the Add Subject page.

Proof of Concept: View Proof of Concept

Attack Vector: To exploit this vulnerability, an attacker must first log in with an admin account. Subsequently, the attacker navigates to the Add Subject page, injects the arbitrary JavaScript payload, and clicks submit. Once the subject is added successfully, the attacker logs in with a teacher account, goes to User Details, then Profile View. Upon visiting the Profile View, the injected payload executes, demonstrating the severity of the XSS vulnerability.

Steps to Reproduce:

  1. Log in as an admin in the Teachers Record Management System.
  2. Navigate to the Add Subject page.
  3. Inject the arbitrary JavaScript payload into the appropriate field.
  4. Click submit to add the subject with the injected payload successfully.
  5. Log in with a teacher account.
  6. Go to User Details, then Profile View.
  7. Upon visiting the Profile View, observe the execution of the injected payload.

Impact: This XSS vulnerability poses a significant risk, allowing remote attackers to execute arbitrary code within the context of the affected user’s browser.

the scenario described would typically be considered a “Zero-Click” XSS attack, the payload is executed without any direct action or interaction from the victim (in this case, the teacher). The teacher, by merely opening the dashboard, becomes a victim of the XSS attack initiated by the admin who injected the malicious payload.

Reference:

Mitigation: To address this security flaw, it is recommended to implement robust input validation, sanitize user inputs, and adopt secure coding practices. Regular security assessments and audits are crucial for identifying and remedying vulnerabilities in web applications.

Discoverer: RashidKhan Pathan

Exploit, Zero-Click Exploit, Remote Code Execution, Web Exploitation, 0Day
exploit 0Day Remote Code Execution Zero-Click Exploit
This post is licensed under CC BY 4.0 by the author.