Next Click Ventures RealtyScript Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities
Vulnerability
A cross-site request forgery (CSRF) vulnerability and multiple persistent cross-site scripting (XSS) vulnerabilities have been identified in Next Click Ventures RealtyScript version 4.0.2. These vulnerabilities allow attackers to perform administrative actions and inject malicious scripts. The CSRF vulnerability can be exploited by crafting a malicious web page that, when visited by a logged-in user, executes unauthorized actions. The persistent XSS vulnerabilities arise from improper sanitization of user input, enabling the execution of arbitrary HTML and script code in the context of the affected application.
Impact
Exploitation of these vulnerabilities could lead to unauthorized administrative actions and the injection of persistent malicious scripts that execute in the application context.
Reproduction
The CSRF vulnerability can be reproduced by creating a form that submits to an administrative action endpoint, such as 'addusers.php' or 'editadmins.php', and including the necessary data to perform the desired action. This form can then be hosted on a malicious website. The persistent XSS vulnerabilities can be reproduced by submitting script tags in various input fields, such as 'file' or 'location_name'. The application stores this input without sanitizing it, so the script runs in the browser when the data is retrieved and displayed.
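For defenders reviewing an affected installation, the following added example (not part of the advisory and not vendor code) scans web server access logs for POST requests to the administrative endpoints named above whose Referer is missing or points at another host. It assumes the "combined" access-log format and a site hostname of realty.example; the log lines and request paths are constructed samples.

```python
import re
from urllib.parse import urlsplit

# Assumptions (not from the advisory): the site's hostname, and that the web
# server writes the Apache/nginx "combined" access-log format.
SITE_HOST = "realty.example"
ADMIN_ENDPOINTS = {"addusers.php", "editadmins.php"}  # named in the advisory

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def suspicious_admin_posts(lines, site_host=SITE_HOST):
    """Return (timestamp, client, script, reason) for POSTs to admin endpoints
    whose Referer is missing or names a host other than the site itself."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        script = urlsplit(m["target"]).path.rsplit("/", 1)[-1].lower()
        if script not in ADMIN_ENDPOINTS:
            continue
        referer = m["referer"]
        try:
            host = (urlsplit(referer).hostname or "").lower()
        except ValueError:           # malformed URL in the header
            host = ""
        if host == site_host:
            continue                 # same-site form submission
        if referer in ("", "-"):
            reason = "no Referer"    # weak signal: privacy tools also strip it
        else:
            reason = "cross-site Referer: " + (host or "unparseable")
        findings.append((m["ts"], m["ip"], script, reason))
    return findings

# Constructed sample log lines (not real traffic; paths are placeholders).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "POST /addusers.php HTTP/1.1" 200 512 "https://realty.example/addusers.php" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:10:05:42 +0000] "POST /editadmins.php?id=1 HTTP/1.1" 200 498 "https://other-site.example/promo.html" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2024:10:06:10 +0000] "POST /addusers.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2024:10:07:00 +0000] "GET /editadmins.php HTTP/1.1" 200 2048 "https://other-site.example/" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2024:10:08:00 +0000] "POST /search.php HTTP/1.1" 200 900 "https://other-site.example/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in suspicious_admin_posts(SAMPLE_LOG):
        print(*finding, sep="  ")
```

A hit is a lead for review, not proof of forgery: correlate the timestamp with new or modified user and administrator accounts.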
