Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS

vendor:

Customer Support System

by:

Saeed Bala Ahmed (r0b0tG4nG)

5.5

CVSS

MEDIUM

Stored XSS

CWE

Product Name: Customer Support System

Affected Version From: Version 1

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Parrot OS

2020

Customer Support System 1.0 – “First Name” & “Last Name” Stored XSS

The Customer Support System 1.0 is vulnerable to stored XSS. An attacker can insert a malicious script in the "First Name" and "Last Name" fields of the user profile, which will be triggered when the user logs in with valid credentials.

Mitigation:

To mitigate this vulnerability, the application should properly sanitize and validate user inputs before storing them in the database. It is recommended to use input validation and output encoding techniques to prevent XSS attacks.

Source

Exploit-DB raw data:

# Exploit Title: Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS
# Exploit Author: Saeed Bala Ahmed (r0b0tG4nG)
# Date: 2020-12-11
# Google Dork: N/A
# Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14587&title=Customer+Support+System+using+PHP%2FMySQLi+with+Source+Code
# Affected Version: Version 1
# Tested on: Parrot OS

Step 1. Login to the application with any valid credentials

Step 2. Click on the username in header and select "Manage Account".

Step 3. On "Manage Account" page, insert "<script>alert("r0b0tG4nG")</script>" in both the "First Name" & "Last Name" fields.

Step 4. Complete the other required details and click on save to update user information.

Step 5. This should trigger the XSS payloads. Whenever the user logs in with same valid credentials, the XSS payloads will be triggered