phpipam Stored Cross-Site Scripting Vulnerability in Circuits Options Functionality

A stored cross-site scripting vulnerability has been identified in phpipam version 1.5.2. The issue resides within the circuits options feature, where an attacker can inject malicious scripts through the 'option' parameter in a POST request to /phpipam/app/admin/circuits/edit-options-submit.php. This injected script is executed in the context of the user's browser, potentially leading to cookie theft and unauthorized access to end-user files.

Impact

Exploitation of this vulnerability allows for the injection of malicious scripts that are executed in the context of the user's browser, leading to cookie theft and unauthorized disclosure of end-user files.

Reproduction

To reproduce this vulnerability, send a POST request to /phpipam/app/admin/circuits/edit-options-submit.php with the 'option' parameter containing the injected script, such as a JavaScript 'alert' payload. Include the necessary cookies to maintain the phpipam session.

Remediation

Users can upgrade to phpipam version 1.7.0 or later, where this vulnerability has been fixed.