CVE-2024-1972 in Online Job Portal
Summary
by MITRE • 02/29/2024
A vulnerability was found in SourceCodester Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Employer/EditProfile.php. The manipulation of the argument Address leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-255128.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 04/18/2025
The vulnerability identified as CVE-2024-1972 represents a critical cross site scripting flaw within the SourceCodester Online Job Portal version 1.0 application. This security weakness specifically affects the Employer/EditProfile.php component where user input validation is insufficiently implemented. The vulnerability manifests when an attacker manipulates the Address parameter, which then gets improperly processed and reflected back to users without adequate sanitization measures. The issue stems from the application's failure to properly escape or filter user-supplied data before rendering it within the web page context, creating an environment where malicious scripts can be executed in the victim's browser.
This vulnerability operates under the Common Weakness Enumeration framework as CWE-79, which specifically addresses Cross-Site Scripting flaws in web applications. The attack vector is remotely exploitable, meaning that an adversary can initiate the malicious payload without requiring physical access to the target system or local network privileges. The exploit has been publicly disclosed and is actively available in the vulnerability database VDB-255128, which increases the likelihood of real-world exploitation. The remote nature of the attack aligns with ATT&CK technique T1566.001, which describes spearphishing attacks through email, as attackers can easily distribute malicious payloads through various communication channels targeting the vulnerable web application.
The operational impact of this vulnerability extends beyond simple data theft or defacement, as it can enable attackers to hijack user sessions, perform unauthorized actions on behalf of legitimate users, or redirect victims to malicious websites. When an attacker successfully injects malicious scripts through the Address parameter, they can potentially steal session cookies, capture sensitive information entered by users, or manipulate the application's functionality to gain unauthorized access to employer profiles and associated job listings. The exploitation process involves crafting a malicious payload that when submitted to the vulnerable EditProfile.php endpoint, gets executed in the context of other users' browsers. This creates a persistent threat where multiple users could be affected simultaneously, as the malicious script executes whenever the compromised page is loaded.
Mitigation strategies for CVE-2024-1972 should prioritize immediate implementation of input validation and output encoding measures. The application must implement proper sanitization of all user-supplied data, particularly the Address parameter, through the use of context-appropriate escaping mechanisms such as HTML entity encoding for web page contexts. Additionally, implementing Content Security Policy headers can provide an additional layer of protection against script execution. The development team should also consider implementing proper parameter validation, length restrictions, and regular security testing including dynamic application security testing to identify similar vulnerabilities. The fix should align with secure coding practices recommended by OWASP and incorporate proper input validation frameworks to prevent similar issues in future releases of the Online Job Portal application.