Cyber-III Student Management System Cross-Site Scripting Vulnerability

A reflected cross-site scripting (XSS) vulnerability exists in Cyber-III Student Management System versions prior to 1a938fa61e9f735078e9b291d2e6215b4942af3f. The issue is located in the file '/admin/Add notice/batch-notice.php', where the unsanitized '$_SERVER["PHP_SELF"]' variable is used as the form action. This allows attackers to inject arbitrary JavaScript into the page via a crafted URL. The vulnerability can be exploited remotely, but requires authentication as an admin.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can inject and execute malicious scripts in the context of the user's browser session.

Reproduction

To reproduce this vulnerability, log into the admin panel and navigate to the batch-notice.php page. Once there, use a crafted URL that includes the injected script in the '$_SERVER["PHP_SELF"]' parameter. The injected script will execute in the browser, demonstrating the cross-site scripting vulnerability.

Remediation

The vulnerability can be remediated by sanitizing the '$_SERVER["PHP_SELF"]' variable before using it as an action attribute. This can be done by encoding the output with 'htmlspecialchars()' to prevent the injection of scripts.