CVE-2024-41375

6.1 MEDIUM

📋 TL;DR

ICEcoder 8.1 contains a cross-site scripting (XSS) vulnerability in lib/terminal-xhr.php that allows attackers to inject malicious scripts into web pages. This affects users of ICEcoder 8.1 who access the vulnerable component. Attackers could execute arbitrary JavaScript in the context of the victim's browser session.

💻 Affected Systems

Products:
  • ICEcoder
Versions: 8.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations using the vulnerable lib/terminal-xhr.php component.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware on client systems.

🟠 Likely Case

Session hijacking, credential theft, or defacement of the ICEcoder interface.

🟢 If Mitigated

Limited impact if proper input validation and output encoding are implemented, or if the vulnerable component is not exposed.

🌐 Internet-Facing: HIGH if ICEcoder is exposed to the internet, as XSS can be exploited remotely without authentication.
🏢 Internal Only: MEDIUM if only accessible internally, but still poses risk from insider threats or compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

XSS vulnerabilities are commonly weaponized and easy to exploit with basic web security knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Check the ICEcoder repository for an updated version.
2. If a patch is available, update to the fixed version.
3. Verify that lib/terminal-xhr.php has been patched.

🔧 Temporary Workarounds

Disable vulnerable component (platform: linux)

Remove or restrict access to lib/terminal-xhr.php:

mv /path/to/icecoder/lib/terminal-xhr.php /path/to/icecoder/lib/terminal-xhr.php.disabled

The renamed file still sits under the web root, so a server that serves unknown extensions as plain text could expose its source; moving it outside the document root, or denying it in the web server configuration, avoids that.

Implement input validation (platform: all)

Add proper input validation and context-appropriate output encoding to lib/terminal-xhr.php.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block XSS payloads
  • Restrict access to ICEcoder to trusted IP addresses only

🔍 How to Verify

Check if Vulnerable:

Review lib/terminal-xhr.php for lack of input sanitization and output encoding. Test by injecting basic XSS payloads into relevant parameters.

Check Version:

Check ICEcoder version in interface or review source code for version markers

Verify Fix Applied:

Check that lib/terminal-xhr.php properly sanitizes user input and encodes output. Test with XSS payloads to confirm they are neutralized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests to lib/terminal-xhr.php with script tags or JavaScript code in parameters
  • Multiple failed XSS attempts

Network Indicators:

  • HTTP requests containing common XSS payload patterns to the vulnerable endpoint

SIEM Query:

source="web_server" AND uri="*terminal-xhr.php*" AND (content="<script>" OR content="javascript:" OR content="onerror=" OR content="onload=")
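As an added example, not part of this advisory or of the ICEcoder project, the log indicators and SIEM query above applied in Python to a few constructed access-log lines: requests to lib/terminal-xhr.php are percent-decoded before matching so that encoded payloads are not missed, and sources with repeated hits are summarised separately.

```python
import re
from urllib.parse import unquote_plus
from collections import Counter

# Access-log lines in Apache/nginx "combined" format, constructed here as sample
# input (not real traffic). Two of them carry patterns named in the SIEM query above.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jun/2024:12:00:01 +0000] "GET /icecoder/lib/terminal-xhr.php?cmd=ls HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jun/2024:12:00:02 +0000] "GET /icecoder/lib/terminal-xhr.php?cmd=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jun/2024:12:00:03 +0000] "GET /icecoder/index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jun/2024:12:00:04 +0000] "GET /icecoder/lib/terminal-xhr.php?cmd=x%22+onerror%3Dalert(1) HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Patterns from the SIEM query above, matched case-insensitively on the decoded request target.
XSS_PATTERNS = re.compile(r'<script|javascript:|onerror=|onload=', re.IGNORECASE)
VULN_PATH = "lib/terminal-xhr.php"

def decode_target(target: str) -> str:
    """Percent-decode until stable so single- and double-encoded payloads both surface."""
    prev = None
    while prev != target:
        prev, target = target, unquote_plus(target)
    return target

def scan_log(text: str) -> list[dict]:
    """One record per request to the vulnerable endpoint whose decoded URI carries an XSS pattern."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format access log entry
        decoded = decode_target(m["target"])
        if VULN_PATH not in decoded:
            continue  # only the vulnerable endpoint is of interest here
        pat = XSS_PATTERNS.search(decoded)
        if pat:
            hits.append({"ip": m["ip"], "ts": m["ts"],
                         "pattern": pat.group(0).lower(), "target": decoded})
    return hits

def repeat_offenders(hits: list[dict], threshold: int = 2) -> dict[str, int]:
    """Source IPs with at least `threshold` flagged requests (the 'multiple attempts' indicator)."""
    counts = Counter(h["ip"] for h in hits)
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f"{h['ts']} {h['ip']} matched {h['pattern']!r} in {h['target']}")
```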
