| Titre | SourceCodester Student Result Management System 1.0 Stored Cross Site Scripting |
|---|
| Description | A Stored Cross-Site Scripting (XSS) vulnerability exists in SRMS 1.0 via the School Name field on the system settings page. The application does not properly sanitize input before rendering it in the frontend. Once the malicious script is stored, it is injected into the root /srms/script/ page and automatically executed every time the page loads — even for unauthenticated users. This significantly increases the impact, as any visitor to the affected endpoint will trigger the payload, potentially enabling session hijacking, redirection, or other malicious activities without user interaction or authentication.
1 - Log in to the SRMS 1.0 application using an administrator account.
2 - Navigate to /srms/script/admin/system.
3 - In the School Name input field, insert the following payload:
<script>alert('PoC VulDB SRMS')</script>
Save the changes.
4 - Visit the root path /srms/script/. The injected JavaScript payload will automatically execute.
5 - Since this endpoint is accessible without authentication, the XSS is triggered for any user accessing the page, increasing the potential attack surface and confirming the presence of a high-impact Stored XSS vulnerability. |
|---|
| La source | ⚠️ https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README9.md |
|---|
| Utilisateur | RaulPACXXX (UID 84502) |
|---|
| Soumission | 19/06/2025 11:22 (il y a 1 Année) |
|---|
| Modérer | 21/06/2025 07:42 (2 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 313585 [SourceCodester Student Result Management System 1.0 System Settings Page /script/admin/system School Name cross site scripting] |
|---|
| Points | 20 |
|---|