Knap Advanced PHP Login Persistent Cross-Site Scripting Vulnerability
Vulnerability
A persistent cross-site scripting vulnerability has been identified in Knap Advanced PHP Login version 3.1.3. This vulnerability allows remote attackers to inject malicious scripts into the name parameter. Exploitation of this issue could lead to the execution of arbitrary scripts in the users and activity log backend modules, potentially causing session hijacking and persistent phishing attacks.
Impact
Exploitation of this vulnerability allows for persistent cross-site scripting, where injected scripts are executed in the context of the user and activity log backend modules. This could lead to session hijacking and persistent phishing attacks.
Reproduction
To reproduce this vulnerability, register a user account or have an admin register one. Then, navigate to the 'My Profile' section and update the name field with a script payload. Once submitted, the injected script will execute in the activity log and user listings, visible to admins or moderators.
Remediation
To address this vulnerability, input validation should be improved by restricting the name parameter to disallow special characters. Additionally, the content of the name parameter should be encoded and escaped to sanitize user input before it is displayed. Finally, output locations in the user and activity log modules should be sanitized and filtered to remove any malicious scripts.
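The unsafe rendering pattern the advisory describes, beside the input validation and output encoding it recommends, as an added PHP example (not code from Knap Advanced PHP Login; the function names and the sample stored name are hypothetical):

```php
<?php
// Added example, not part of Knap Advanced PHP Login. Constructed sample of a
// profile name that was stored with markup in it.
$storedName = 'Alice <script>alert(1)</script>';

// VULNERABLE pattern: the stored name is interpolated into an admin
// activity-log row without encoding, so any markup in it becomes live HTML
// in the administrator's browser.
function renderLogRowVulnerable(string $name, string $action): string {
    return "<tr><td>{$name}</td><td>{$action}</td></tr>";
}

// FIX 1 (input side): accept only a conservative character set for names.
// Returns the trimmed name, or null when it contains disallowed characters.
function validateName(string $name): ?string {
    $name = trim($name);
    // Letters and marks from any script, digits, spaces, hyphens and periods.
    if ($name === '' || mb_strlen($name) > 64
        || !preg_match('/^[\p{L}\p{M}\p{N} .-]+$/u', $name)) {
        return null;
    }
    return $name;
}

// FIX 2 (output side, the essential one): HTML-encode every untrusted value
// at the point it is written into the page, regardless of earlier validation.
// ENT_QUOTES also encodes quotes so the value is inert inside attributes.
function e(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderLogRowSafe(string $name, string $action): string {
    return '<tr><td>' . e($name) . '</td><td>' . e($action) . '</td></tr>';
}

// Demonstration: the first row carries executable markup, the second row
// shows the same stored value encoded so the browser displays it as text.
echo renderLogRowVulnerable($storedName, 'login'), PHP_EOL;
echo renderLogRowSafe($storedName, 'login'), PHP_EOL;

// The validator rejects the constructed name and accepts an ordinary one.
var_dump(validateName($storedName));
var_dump(validateName('Alice Smith-Lee'));
```

The same `e()` helper belongs at every location where the name is printed, including the user listing, since a value that passed validation before the fix may already be stored in the database.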