Stored Cross-site Scripting (Stored XSS) in Sourcecodester Free and Open Source inventory management system 1.0 (/app/action/add_staff.php and /pages/staff_list.php)

CVE-2024-9323

Description and Impact:

  • This vulnerability was found in the Free and Open Source inventory management system project, version 1.0, on Sourcecodester (https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html)
  • The vulnerability was found in the Staff function: when adding new staff, I can inject malicious JavaScript code in the Name, Designation, and Address parameters.
  • The application does not properly sanitize or validate the input; after adding new staff, accessing the staff_list.php page triggers the malicious JavaScript code I added before, leading to stored XSS.

Steps to reproduce:

  • First, access the dashboard of the website


  • Then click on Staff and choose the Add Staff section


  • In the Name, Designation, and Address parameters, inject malicious JavaScript code. For my example, I will use <script>alert(1337)</script> for the Name parameter, <script>alert(1338)</script> for the Designation parameter, and <script>alert(1339)</script> for the Address parameter, and then click Add member to save the new staff.


  • Finally, click on Staff list, right below Add staff, to trigger the stored XSS vulnerability
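The root cause described above is that values stored by add_staff.php are echoed back into the HTML of staff_list.php without output encoding. The following is an added example written for this report, not code from the Sourcecodester project: it shows the unsafe rendering pattern next to a hardened version that HTML-encodes every stored field at the point of output. The function names and the sample record are assumptions; the field names and payloads follow the advisory.

```php
<?php
// Added example (not the project's own code): output encoding for staff fields
// when they are rendered in an HTML table such as staff_list.php.
// Function names and the sample record below are assumptions for this example.

declare(strict_types=1);

/** Encode a stored value for safe use inside HTML element content or a quoted attribute. */
function h(string $value): string
{
    // ENT_QUOTES encodes both ' and ", ENT_SUBSTITUTE replaces invalid UTF-8
    // instead of returning an empty string, ENT_HTML5 selects HTML5 entity rules.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Vulnerable pattern: stored fields are concatenated into the page unencoded. */
function render_staff_row_vulnerable(array $staff): string
{
    return '<tr><td>' . $staff['name'] . '</td><td>' . $staff['designation']
         . '</td><td>' . $staff['address'] . '</td></tr>';
}

/** Hardened pattern: every stored field is HTML-encoded as it is written out. */
function render_staff_row_safe(array $staff): string
{
    return '<tr><td>' . h($staff['name']) . '</td><td>' . h($staff['designation'])
         . '</td><td>' . h($staff['address']) . '</td></tr>';
}

// Constructed sample record using the payloads quoted in the advisory.
$staff = [
    'name'        => '<script>alert(1337)</script>',
    'designation' => '<script>alert(1338)</script>',
    'address'     => '<script>alert(1339)</script>',
];

// The first line contains live <script> elements; the second renders them as
// literal text (&lt;script&gt;...) and nothing executes in the browser.
echo render_staff_row_vulnerable($staff), PHP_EOL;
echo render_staff_row_safe($staff), PHP_EOL;
```

Encoding at output time, rather than stripping tags on input, is the fix to prefer here: it covers every path by which the three fields reach a page, and it keeps the stored data intact for non-HTML consumers. Input validation (length limits, rejecting control characters) is a useful second layer but does not replace it.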
