Diskover Web Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in Diskover Web version 2.3.0 Community Edition. The issue arises from unsanitized GET parameters, including maxage, maxindex, index, path, q (query), and doctype, which are directly echoed into the HTML response. This flaw allows attackers to inject and execute arbitrary JavaScript when a victim visits a maliciously crafted URL.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, send a GET request to 'selectindices.php' or 'search.php' with one of the vulnerable parameters (maxage, maxindex, index, q, or doctype) included. The unsanitized input will be reflected in the response, executing any injected JavaScript. This vulnerability can also be demonstrated by including the malicious script in the 'path' parameter when accessing 'd3_data_bar_mtime_searchresults.php' or 'd3_data_search.php'.