CVE-2024-8152

XSS vulnerability from Sourcecodester QR Code Bookmark System 1.0 (add-bookmark.php)

CVE-2024-8152

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/add-bookmark.php of the component Parameter Handler. The manipulation of the argument name/url leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected Project: QR Code Bookmark System 1.0

Official Website: https://www.sourcecodester.com/php/17286/qr-code-bookmark-system-using-php-and-mysql-source-code.html

Version: 1.0

Related Code file: add-bookmark.php

Injection parameter: name, url

Vulnerability Description

The name, url parameters are vulnerable to the tested XSS payload: %3cIMG%20%22%22%22%3e%3cSCRIPT%3ealert(%22XSS%22)%3c%2fSCRIPT%3e%22%3e. This string is encoded and when decoded, it attempts to inject a script into the webpage: <IMG """"><SCRIPT>alert("XSS")</SCRIPT>">

Application does not properly sanitize or validate the input, this script could be executed in the user’s browser, leading to an XSS attack.

Demonstration

Below is how QR Code Bookmark System looks like:

We can add bookmark as such:

Intercept the add(add-bookmark.php) traffic using Burp Suite and inject the following payload:

%3cIMG%20%22%22%22%3e%3cSCRIPT%3ealert(%22XSS%22)%3c%2fSCRIPT%3e%22%3e

Payload used above is HTML encoded and decodes as <IMG """><SCRIPT>alert("XSS")</SCRIPT>">

Upon sending the modifying traffic containing XSS payload, we can verify the vulnerability: