pH7 Software pH7-Social-Dating-CMS Stored Cross-Site Scripting Vulnerability
Vulnerability
A stored cross-site scripting vulnerability has been identified in pH7 Software's Social Dating CMS version 17.9.1. This vulnerability resides within the application's messaging system, where unsanitized message content submitted by one user is saved by the server and later displayed in another user's Inbox without proper context-aware encoding. Consequently, attacker-controlled content is executed in the recipient's browser context when the Inbox message is viewed.
Impact
Exploitation of this vulnerability allows for the execution of malicious scripts in the context of the user receiving the message, potentially leading to session hijacking, account takeover, and unauthorized actions performed on behalf of the user. If an admin or privileged user views the message, the impact could extend to high-privilege accounts.
Reproduction
To reproduce this vulnerability, log into the application and navigate to the messaging system. Send a message containing a script payload from one user to another. When the recipient opens the message in their Inbox, the script executes in the recipient's browser, demonstrating the cross-site scripting vulnerability. This can be verified with a harmless script payload, such as an alert, which pops up when the message is opened.
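The missing context-aware encoding described above is fixed by encoding each stored message field at output time for the context it lands in. The sketch below is an added example, not pH7CMS code: the function names, the markup and the sample message are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers: the page does not show pH7CMS's template layer.

/** Unsafe: stored text is concatenated into markup as-is (the flaw described above). */
function renderMessageUnsafe(string $body): string
{
    return '<div class="msg">' . $body . '</div>';
}

/** Encode for HTML text nodes and quoted attribute values. */
function encHtml(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Encode as a JavaScript string literal that is safe inside an inline script block. */
function encJs(string $s): string
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
           | JSON_INVALID_UTF8_SUBSTITUTE | JSON_THROW_ON_ERROR;
    return json_encode($s, $flags);
}

/** Safe: every field is encoded for the context it is written into. */
function renderMessageSafe(string $subject, string $body): string
{
    return '<div class="msg" title="' . encHtml($subject) . '">'  // attribute context
         . nl2br(encHtml($body))                                  // encode first, then add <br>
         . '</div>'
         . '<script>var lastSubject = ' . encJs($subject) . ';</script>'; // JS string context
}

// Constructed sample input: the harmless alert probe from the Reproduction section,
// plus a subject containing quotes and markup characters.
$subject = 'Re: "hello" & <b>welcome</b>';
$body    = "hello\n<script>alert(1)</script>";

echo renderMessageUnsafe($body), PHP_EOL;        // script tag reaches the browser intact
echo renderMessageSafe($subject, $body), PHP_EOL; // same text rendered as inert characters
```

Encoding belongs at render time rather than at save time, so that messages already stored in the database are covered as well.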
