ResourceSpace SQL Injection Vulnerability in Collection Edit Feature

Vulnerability

A SQL injection vulnerability has been identified in ResourceSpace version 8.6. An authenticated attacker can execute arbitrary SQL queries by injecting a crafted payload into the keywords parameter of the collection_edit.php page. Successful exploitation could expose sensitive database contents, including schema names, user credentials and other confidential data.

Impact

Exploitation gives the attacker arbitrary SQL execution against the application's database, which can lead to unauthorized reading or modification of data. In this case it was demonstrated by extracting database schema names; user credentials stored in the same database are reachable in the same way.

Reproduction

To reproduce this vulnerability, authenticate first (the endpoint requires a logged-in user), then send a POST request to the collection_edit.php page with a crafted SQL payload in the keywords parameter. The request must also carry a valid CSRF token for the session and the form's other required fields, such as name and reference, or the submission will not be accepted. The injection can be verified with a payload that, for example, returns database schema names in the response.
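The following is an added example, not code from the page or from ResourceSpace: it models the class of bug described above (request-supplied keywords concatenated into a query) beside its hardened form, using a constructed in-memory SQLite schema whose table and column names are invented for illustration. The schema-dump payload is SQLite-specific (sqlite_master); a MySQL deployment would read information_schema.tables instead.

```python
import sqlite3

# Constructed in-memory schema standing in for an application database.
# Table and column names are illustrative, not ResourceSpace's real schema.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE collection (ref INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE collection_keyword (collection INTEGER, keyword TEXT);
        CREATE TABLE user_account (ref INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO collection VALUES (1, 'Demo collection');
        INSERT INTO collection_keyword VALUES (1, 'alpha'), (1, 'beta');
        INSERT INTO user_account VALUES (1, 'admin', 'not-a-real-hash');
    """)
    return conn

def vulnerable_keyword_lookup(conn, ref, keywords):
    """Vulnerable pattern: each keyword from the request is wrapped in quotes by
    string concatenation, so a quote inside a keyword closes the literal and the
    rest of the value is parsed as SQL."""
    quoted = ",".join("'" + k + "'" for k in keywords)
    sql = (
        "SELECT keyword FROM collection_keyword "
        f"WHERE collection={int(ref)} AND keyword IN ({quoted})"
    )
    return [row[0] for row in conn.execute(sql)]

def safe_keyword_lookup(conn, ref, keywords):
    """Hardened form: one bound parameter per keyword. The query text and the
    values travel separately, so the payload is only ever compared as data."""
    placeholders = ",".join("?" * len(keywords))
    sql = (
        "SELECT keyword FROM collection_keyword "
        f"WHERE collection=? AND keyword IN ({placeholders})"
    )
    return [row[0] for row in conn.execute(sql, [int(ref), *keywords])]

# Hypothetical keyword value that closes the IN (...) list, appends a UNION
# reading table names from SQLite's catalogue, and comments out the tail.
SCHEMA_DUMP_PAYLOAD = "x') UNION SELECT name FROM sqlite_master WHERE type='table' -- "

def demo():
    conn = make_db()
    return {
        "vulnerable_normal": vulnerable_keyword_lookup(conn, 1, ["alpha", "beta", "gamma"]),
        "vulnerable_payload": vulnerable_keyword_lookup(conn, 1, [SCHEMA_DUMP_PAYLOAD]),
        "safe_payload": safe_keyword_lookup(conn, 1, [SCHEMA_DUMP_PAYLOAD]),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

With the payload, the concatenated query becomes `... keyword IN ('x') UNION SELECT name FROM sqlite_master WHERE type='table' -- ')` and returns every table name, which is the same kind of schema disclosure the advisory uses as its verification step; the parameterized version returns no rows because the whole string is matched as a single keyword. When reviewing a fix, the check is that every value originating from the request reaches the driver as a bound parameter, not that quotes are escaped.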

Added: Apr 12, 2026, 1:26 PM
Updated: Apr 12, 2026, 1:26 PM

Vulnerability Rating

Custom Algorithm
spread: 0.8
impact: 3.1
exploitability: 6.6
remediation: 0.0
relevance: 5.7
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.