PHPEMS Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in PHPEMS version 11.0. The issue arises in the file '/index.php?ask=app-ask', where the 'askcontent' parameter can be manipulated to inject malicious scripts. This vulnerability requires user interaction to exploit and can be executed remotely. Once the script is injected, it is stored and can be executed later, potentially leading to the theft of cookies or other sensitive information.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Reproduction

To reproduce this vulnerability, log into the application with a regular user account and navigate to '/index.php?ask=app-ask'. Enter a title and inject a script tag containing JavaScript code, such as an alert command, into the 'askcontent' parameter. After submitting, log out and log back in as an administrator. Access the 'ask-master-ask' page, where the injected script will execute.