SourceCodester Student Grades Management System Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in SourceCodester Student Grades Management System version 1.0. The issue resides in the Classroom module, specifically within the 'create_classroom' function of 'classroom.php'. The vulnerability arises because the application does not properly sanitize user inputs in the Description field when a classroom is created. As a result, malicious JavaScript can be injected and executed automatically when an administrator or teacher views the affected classroom page.

Impact

Exploitation of this vulnerability allows for the execution of arbitrary JavaScript, which could lead to session hijacking, account takeover, user impersonation, and potentially remote code execution through browser exploitation. Additionally, it could be used for phishing attacks and credential theft.

Reproduction

To reproduce this vulnerability, a user with teacher-level privileges can inject a malicious payload, such as an image tag (with an invalid image source) using an 'onerror' event. This payload will execute automatically when the classroom page is accessed.

Remediation

To address this vulnerability, it is recommended to implement strict input sanitization for HTML fields, apply output encoding before rendering user data, enforce a Content Security Policy (CSP), and validate rich-text fields against libraries that are safe from XSS.