code-projects Hotel and Tourism Reservation System - 1.0
A stored cross-site scripting vulnerability has been identified in the Hotel and Tourism Reservation System version 1.0. The issue resides in the tour booking functionality, specifically within the file '/ht/tour.php'. An attacker can inject malicious scripts into several contact fields, including name, email, people, and number. These scripts are then executed when an administrator accesses the reservations management page at '/ht/admin/tour_reserves.php'. This vulnerability allows for session hijacking, credential theft, or a complete takeover of the admin account.
Exploitation of this vulnerability allows for the execution of injected scripts in the context of the admin user, potentially leading to a full account takeover.
To reproduce this vulnerability, first install the Hotel and Tourism Reservation System 1.0 on a server running XAMPP. Access the application as an unauthenticated user and navigate to the tour booking page. Enter a script payload into any of the contact fields, then submit the reservation. After the payload is stored, log in as an admin and go to the tour reservations panel, where the injected script will execute immediately.
To address this vulnerability, validate all user input on the server side before it is stored in the database, and HTML-encode every stored value before rendering it in the admin panel, since output encoding at the point of rendering is what prevents the stored payload from executing.
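The mitigation above as an added example in PHP; this is not the project's own code, and the `tour_reserves` column names, the `e()` helper, the `validateTourBooking()` and `storeTourBooking()` functions and the PDO connection are all assumptions.

```php
<?php
// Added example (not from the Hotel and Tourism Reservation System):
// validate the booking fields before they are stored, and HTML-encode
// every stored field at the point it is rendered in the admin panel.
declare(strict_types=1);

/** HTML-encode a value for safe use in element content or quoted attributes. */
function e(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/** Validate the tour booking form (field names assumed); returns clean values or throws. */
function validateTourBooking(array $post): array
{
    $name   = trim((string) ($post['name'] ?? ''));
    $email  = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    $people = filter_var($post['people'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 100]]);
    $number = (string) ($post['number'] ?? '');
    if ($name === '' || mb_strlen($name) > 100 || $email === false || $people === false
        || !preg_match('/^\+?[0-9 ()-]{6,20}$/', $number)) {
        throw new InvalidArgumentException('Invalid booking data');
    }
    return ['name' => $name, 'email' => $email, 'people' => $people, 'number' => $number];
}

/** Store a validated booking with a prepared statement (table and columns assumed). */
function storeTourBooking(PDO $db, array $booking): void
{
    $stmt = $db->prepare(
        'INSERT INTO tour_reserves (name, email, people, number) VALUES (:name, :email, :people, :number)'
    );
    $stmt->execute($booking);
}

/** Render the admin reservations table: raw database values never reach the page unencoded. */
function renderReservations(iterable $rows): string
{
    $html = "<table>\n";
    foreach ($rows as $row) {
        $html .= '<tr><td>' . e($row['name']) . '</td><td>' . e($row['email']) . '</td>'
               . '<td>' . e((string) $row['people']) . '</td><td>' . e($row['number']) . '</td></tr>' . "\n";
    }
    return $html . '</table>';
}

// Constructed sample row standing in for a stored payload; it is emitted as inert text.
echo renderReservations([
    ['name' => '<script>alert(1)</script>', 'email' => 'guest@example.com', 'people' => 2, 'number' => '555-0100'],
]);
```

Input validation alone is not sufficient, because the reservations table may already hold data written before the fix; encoding on output protects the admin page regardless of what is stored.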