Online Movie Ticket Booking System v1.0 - Reflected Cross-Site Scripting (XSS)
Summary
| Name | Online Movie Ticket Booking System v1.0 - Reflected Cross-Site Scripting (XSS) |
| Code name | |
| Product | Online Movie Ticket Booking System |
| Affected versions | Version 1.0 |
| State | Public |
| Release date | 2023-09-28 |
Vulnerabilities
| Kind | Reflected Cross-Site Scripting (XSS) |
| Rule | |
| Remote | Yes |
| CVSSv3.1 Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
| CVSSv3.1 Base Score | 5.4 |
| Exploit available | Yes |
| CVE ID(s) |
Description
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
Vulnerability
The 'number' parameter of the bank.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. The vulnerable code is:
<?php session_start(); if(!isset($_SESSION['user'])) { header('location:login.php'); } extract($_POST); ?> ... <dl class="mercDetails"> <dt>Merchant</dt> <dd>Shop Street</dd> <dt>Transaction Amount</dt> <dd>INR <?php echo $_SESSION['amount'];?></dd> <dt>Debit Card</dt> <dd><?php echo $number;?></%></dd> </dl>
Our security policy
We have reserved the ID CVE-2023-44173 to refer to this issues from now on.
System Information
- Version: Online Movie Ticket Booking System v1.0
- Operating System: Any
Mitigation
There is currently no patch available for this vulnerability.
Credits
The vulnerability was discovered by Andres Roldan from Fluid Attacks' Offensive Team.
References
Vendor page https://projectworlds.in/
Timeline
2023-09-26
Vulnerability discovered.
2023-09-26
Vendor contacted.
2023-09-28
Public Disclosure.
