CVE-2024-3426 in Online Coursewareinfo

Summary

by MITRE • 04/07/2024

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Courseware 1.0. Affected by this issue is some unknown functionality of the file editt.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259598 is the identifier assigned to this vulnerability.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 04/08/2025

The vulnerability identified as CVE-2024-3426 represents a critical cross site scripting flaw within the SourceCodester Online Courseware 1.0 application. This security weakness resides in the editt.php file and demonstrates a classic input validation failure that allows attackers to inject malicious scripts into the application's response. The vulnerability is particularly concerning because it affects the id parameter, which is likely used to identify and retrieve specific course or content records for editing purposes. When an attacker manipulates this parameter, they can inject malicious JavaScript code that will execute in the context of other users' browsers who access the affected functionality.

The technical nature of this vulnerability aligns with CWE-79, which specifically addresses cross site scripting flaws in web applications. This classification indicates that the application fails to properly sanitize or encode user-supplied input before incorporating it into dynamically generated web pages. The attack vector is remote, meaning that malicious actors can exploit this vulnerability without requiring physical access to the system or direct network interaction with the application's servers. The exploit has been publicly disclosed, which significantly increases the risk of exploitation as threat actors can readily implement the attack without requiring advanced technical knowledge or custom development.

The operational impact of this vulnerability extends beyond simple script execution, potentially enabling attackers to perform session hijacking, steal sensitive user credentials, access restricted functionality, or even redirect users to malicious websites. The affected editt.php file suggests this vulnerability could compromise the editing functionality of courseware content, potentially allowing attackers to modify course materials or inject malicious content that would be visible to other users. The remote exploit capability means that this vulnerability could be leveraged at scale, affecting any user who accesses the vulnerable application through internet-connected devices.

Organizations utilizing SourceCodester Online Courseware 1.0 should implement immediate mitigations including input validation and output encoding for all user-supplied parameters, particularly those used in dynamic content generation. The recommended approach aligns with ATT&CK technique T1566, which addresses social engineering through malicious content delivery, as this vulnerability enables attackers to deliver malicious scripts through legitimate application interfaces. Security measures should include implementing proper parameter validation, employing Content Security Policy headers, and ensuring all user input is properly sanitized before being processed or displayed. Additionally, regular security updates and vulnerability assessments should be conducted to identify and remediate similar issues in the application's codebase, with particular attention to all PHP files that handle user input and dynamic content generation to prevent similar cross site scripting vulnerabilities from emerging in other components of the system.

Responsible

VulDB

Reservation

04/06/2024

Disclosure

04/07/2024

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00581

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!