SourceCodester Simple Customer Relationship Management System Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in SourceCodester Simple Customer Relationship Management System version 1.0. The issue arises in the Create Ticket feature, specifically within the file '/create-ticket.php'. User input in the Ticket Subject and Ticket Description fields is not properly sanitized before being saved to the database. This allows attackers to inject malicious JavaScript, which is executed when the ticket is viewed. The vulnerability could be exploited to execute arbitrary scripts in the context of the user, potentially leading to cookie theft, unauthorized actions on behalf of the user, phishing attacks, or content defacement.

Impact

Exploitation of this vulnerability allows for the execution of injected JavaScript in the victim's browser, with the potential to steal session cookies, perform actions as the victim, conduct phishing attacks, deface application content, or, if an administrator views the malicious ticket, gain access to privileged accounts.

Reproduction

To reproduce this vulnerability, log into the CRM application and navigate to the ticket creation page. Once there, inject a script payload, such as a JavaScript alert, into the Description field. After submitting the ticket, go to the 'View Ticket' section to see the injected script execute automatically in the browser.

Remediation

It is recommended to validate and sanitize user input on the server side before it is stored in the database, apply context-appropriate output encoding (HTML entity encoding for the Subject and Description fields) whenever user-supplied data is displayed, deploy a strong Content Security Policy that blocks inline script execution, and reject submissions that contain script content.
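The following PHP snippet is an added illustration, not code from the SourceCodester project: it shows the unsafe rendering pattern the advisory describes (stored ticket fields echoed into HTML without encoding) next to the hardened form, plus the server-side validation and Content Security Policy mentioned under Remediation. The file name `create-ticket.php` is from the page; the function names, the `$ticket` sample row and the field names are assumptions constructed for the example.

```php
<?php
// Added example, not SourceCodester's code. Demonstrates the stored XSS
// pattern from the advisory and the remediation steps listed above.
declare(strict_types=1);

// Constructed sample ticket, standing in for a row read back from the
// database after a user submitted it through create-ticket.php.
$ticket = [
    'subject'     => 'Printer offline <img src=x onerror="alert(1)">',
    'description' => "Please help<script>alert('xss')</script>",
];

// Vulnerable pattern: stored values interpolated straight into the page.
function renderTicketUnsafe(array $ticket): string
{
    return '<h2>' . $ticket['subject'] . '</h2>'
         . '<p>'  . $ticket['description'] . '</p>';
}

// Hardened pattern: encode for the HTML context at output time.
// ENT_QUOTES covers attribute contexts; ENT_SUBSTITUTE avoids returning
// an empty string on malformed UTF-8 (which would silently drop content).
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderTicketSafe(array $ticket): string
{
    return '<h2>' . esc($ticket['subject']) . '</h2>'
         . '<p>'  . esc($ticket['description']) . '</p>';
}

// Server-side validation at create time: enforce presence and length
// bounds. Output encoding remains the primary control; validation
// narrows what can be stored in the first place.
function validateTicketInput(array $input): array
{
    $errors      = [];
    $subject     = trim((string)($input['subject'] ?? ''));
    $description = trim((string)($input['description'] ?? ''));

    if ($subject === '' || mb_strlen($subject) > 120) {
        $errors[] = 'Subject must be between 1 and 120 characters.';
    }
    if ($description === '' || mb_strlen($description) > 4000) {
        $errors[] = 'Description must be between 1 and 4000 characters.';
    }
    return $errors;
}

// A nonce-based CSP stops inline script from running even if an encoding
// bug slips through somewhere else in the application.
function sendSecurityHeaders(string $nonce): void
{
    header("Content-Security-Policy: default-src 'self'; "
         . "script-src 'self' 'nonce-{$nonce}'; object-src 'none'; base-uri 'self'");
    header('X-Content-Type-Options: nosniff');
}

if (PHP_SAPI === 'cli') {
    // Run from the command line to compare the two renderings.
    echo "Unsafe rendering:\n" . renderTicketUnsafe($ticket) . "\n\n";
    echo "Safe rendering:\n"   . renderTicketSafe($ticket)   . "\n\n";
    echo "Validation errors: " . json_encode(validateTicketInput($ticket)) . "\n";
} else {
    $nonce = base64_encode(random_bytes(16));
    sendSecurityHeaders($nonce);
    echo renderTicketSafe($ticket);
}
```

Run with `php example.php` to see that the safe rendering turns `<script>` into `&lt;script&gt;`, so the browser displays the text rather than executing it; the validation function returns an empty array for this sample because both fields are within bounds, which is why encoding on output, not validation alone, is the control that closes the issue.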

Added: Apr 2, 2026, 7:18 AM
Updated: Apr 2, 2026, 7:18 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 6.3
remediation: 0.0
relevance: 5.1
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.