ReNgine Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in ReNgine versions through 2.2.0, specifically within the Vulnerabilities module. This issue allows for the injection of unsanitized XSS payloads during target scans, which are then executed as arbitrary JavaScript in the context of the victim's browser. This vulnerability could be exploited to hijack session cookies, perform unauthorized actions, or compromise the ReNgine administrator's account.

Impact

Exploitation of this vulnerability allows for session hijacking, unauthorized actions on behalf of the administrator, and a general compromise of the admin's account.

Reproduction

To reproduce this vulnerability, scan a target with a URL parameter containing an XSS payload, such as an SVG image with an 'onload' event. After the scan, the injected payload will execute in the administrator's browser when the results are viewed in the Vulnerabilities tab.

Remediation

Users are advised to sanitize and escape user-supplied input before displaying scan results. Proper HTML encoding should be implemented for any user-controlled output in the Vulnerabilities tab.
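
The encoding step described above, as an added example that is not ReNgine's own code: one row of a scan-results table rendered without and with output encoding. It goes slightly beyond the text by also restricting the link target to http(s). The field names (name, url), the function names and the sample finding are assumptions made for illustration.

```javascript
// Added example: output encoding for one row of a scan-results table.
// Field names (name, url) and function names are assumptions, not ReNgine's code.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can break out of HTML text or a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Only http(s) URLs may become a clickable link; anything else is shown as text.
function safeHref(value) {
  try {
    const u = new URL(String(value));
    return u.protocol === 'http:' || u.protocol === 'https:' ? u.href : null;
  } catch {
    return null;
  }
}

// Before: scanned data concatenated straight into markup (the stored-XSS pattern).
function renderRowUnsafe(finding) {
  return `<tr><td>${finding.name}</td><td>${finding.url}</td></tr>`;
}

// After: every scan-derived field is encoded at the point of output.
function renderRowSafe(finding) {
  const href = safeHref(finding.url);
  const label = escapeHtml(finding.url);
  const urlCell = href
    ? `<a href="${escapeHtml(href)}" rel="noopener noreferrer">${label}</a>`
    : label;
  return `<tr><td>${escapeHtml(finding.name)}</td><td>${urlCell}</td></tr>`;
}

// Constructed sample finding: the URL parameter carries markup, as in the Reproduction section.
const sampleFinding = {
  name: 'Reflected parameter',
  url: 'https://target.example/search?q=<svg onload=alert(1)>',
};

console.log(renderRowUnsafe(sampleFinding));
console.log(renderRowSafe(sampleFinding));
```

The same rule applies to every other scan-derived column shown in the tab: encode at the point of output, for the context (element text or attribute) the value lands in.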

Added: Oct 10, 2025, 2:18 PM
Updated: Oct 10, 2025, 3:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 5.4
exploitability: 7.4
remediation: 0.0
relevance: 0.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.