Open ISES Tickets Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in Open ISES Tickets versions prior to 3.44.2. The issue resides in the 'street_view.php' file, where unsanitized values from the 'thelat' and 'thelng' GET parameters are injected directly into JavaScript variable assignments. This vulnerability allows authenticated attackers to execute arbitrary JavaScript in the context of the victim's browser by crafting a malicious URL that exploits the flaw.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject malicious JavaScript that is executed in the victim's browser.

Reproduction

To reproduce this vulnerability, an authenticated user can send a request to 'street_view.php' with crafted 'thelat' and 'thelng' GET parameters. These parameters should include a JavaScript payload, which will be executed in the browser when the URL is accessed.

Remediation

Users are advised to upgrade to Open ISES Tickets version 3.44.2 or later, where this vulnerability has been patched.