Projectworlds Lawyer Management System Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in Projectworlds Lawyer Management System version 1.0. The issue resides in the file '/lawyer_booking.php', where the 'description' parameter is not properly sanitized before being saved to the database. This allows malicious clients to inject JavaScript that is executed when lawyers view their booking requests. The vulnerability could be exploited to steal session cookies from lawyers, leading to session hijacking, unauthorized actions, or defacement of the lawyer's dashboard.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the booking requests.

Reproduction

To reproduce this vulnerability, log in as a client and navigate to the booking page. Enter a payload, such as an image tag with an 'onerror' event, into the 'description' field. Once the booking is submitted, the injected script will be executed when a lawyer views the booking requests.

Remediation

It is recommended to sanitize user input by encoding it before outputting it in HTML. Implementing a Content Security Policy and setting session cookies to HttpOnly can also help mitigate the risks associated with this vulnerability.