CodeIgniter Student Management System Cross-Site Scripting Vulnerability
Vulnerability
A stored cross-site scripting vulnerability has been identified in the CodeIgniter Student Management System, specifically within the Students Controller's addStudent function in the view_students.php file. The issue arises because user-supplied data, particularly the 'name' parameter, is not properly sanitized before being saved to the database. This unfiltered data is then rendered directly in the view without HTML entity encoding, allowing attackers to inject and execute arbitrary JavaScript. The vulnerability can be exploited remotely, and the injected scripts are executed when users access the student listing page.
Impact
Exploitation results in stored cross-site scripting: the injected script runs in the browser of any user who views the student list. This could lead to session hijacking and, if the compromised session belongs to an administrator, account takeover. The vulnerability could also be used for defacement or to redirect users to malicious websites.
Reproduction
To reproduce this vulnerability, send a POST request to the 'addStudent' endpoint with a malicious 'name' value containing JavaScript, such as an alert script. After the name is saved, visit the student listing page to see the script execute, confirming the cross-site scripting vulnerability.
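The root cause described above is a stored 'name' value echoed into the student list without HTML entity encoding. The script below is an added example, not the project's own code: it renders constructed sample rows both unencoded and with output encoding, using plain PHP `htmlspecialchars()`; the function names and sample rows are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed sample rows, standing in for what the students table returns
// after addStudent has stored the submitted 'name' unchanged.
$students = [
    ['id' => 1, 'name' => "Siobhan O'Brien"],            // legitimate name containing a quote
    ['id' => 2, 'name' => '<script>alert(1)</script>'],  // alert-style test value
];

// Before: the pattern the advisory describes, value echoed into HTML as-is.
function render_row_unencoded(array $s): string
{
    return '<tr><td>' . $s['id'] . '</td><td>' . $s['name'] . '</td></tr>';
}

// Hypothetical helper: HTML-entity-encode for element and quoted-attribute context.
// CodeIgniter ships its own helpers (html_escape() in 3.x, esc() in 4.x);
// htmlspecialchars() is used here so the script runs without the framework.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// After: every database value is encoded at the point of output.
function render_row_encoded(array $s): string
{
    return '<tr><td>' . (int) $s['id'] . '</td><td>' . e($s['name']) . '</td></tr>';
}

foreach ($students as $s) {
    $before = render_row_unencoded($s);
    $after  = render_row_encoded($s);
    printf("id %d: unencoded emits <script: %s, encoded emits <script: %s\n",
        $s['id'],
        var_export(stripos($before, '<script') !== false, true),
        var_export(stripos($after, '<script') !== false, true));
    echo '  ', $after, "\n";

    // Regression checks: no raw tag reaches the page, and the stored
    // value is preserved (encoding is reversible, unlike stripping).
    if (stripos($after, '<script') !== false) {
        throw new RuntimeException('encoded view still emits raw markup');
    }
    if (html_entity_decode(e($s['name']), ENT_QUOTES, 'UTF-8') !== $s['name']) {
        throw new RuntimeException('encoding altered the stored value');
    }
}
```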
