CVE-2024-46335
📋 TL;DR
PHPGurukul Complaint Management System 2.0 contains a cross-site scripting (XSS) vulnerability in the fromdate and todate parameters of between-date-userreport.php. This allows attackers to inject malicious scripts that execute in users' browsers when viewing reports. Organizations using this specific version of the complaint management system are affected.
💻 Affected Systems
- PHPGurukul Complaint Management System
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator session cookies, hijack administrative accounts, deface the application, or redirect users to malicious sites, potentially leading to complete system compromise.
Likely Case
Attackers inject malicious scripts to steal user session cookies or credentials, enabling unauthorized access to user accounts and sensitive complaint data.
If Mitigated
With proper input validation and output encoding, the impact is limited to minor data integrity issues with no security compromise.
🎯 Exploit Status
Exploitation requires user interaction (viewing a maliciously crafted report) but the XSS payload itself is simple to craft.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://phpgurukul.com/complaint-management-sytem
Restart Required: No
Instructions:
1. Download the latest version from phpgurukul.com if available.
2. Replace the vulnerable between-date-userreport.php file.
3. Implement input validation and output encoding for all user inputs.
🔧 Temporary Workarounds
Input Validation and Sanitization
Add server-side validation to sanitize the fromdate and todate parameters before processing.
Edit between-date-userreport.php to add (the null-coalescing default avoids a warning when a parameter is missing):
$fromdate = htmlspecialchars($_GET['fromdate'] ?? '', ENT_QUOTES, 'UTF-8');
$todate = htmlspecialchars($_GET['todate'] ?? '', ENT_QUOTES, 'UTF-8');
Content Security Policy
Implement CSP headers to restrict script execution sources.
Add to .htaccess: Header set Content-Security-Policy "default-src 'self'; script-src 'self'"
Or add to PHP: header("Content-Security-Policy: default-src 'self'; script-src 'self'");
🧯 If You Can't Patch
- Implement a web application firewall (WAF) with XSS protection rules.
- Restrict access to the complaint management system to trusted IP addresses only.
🔍 How to Verify
Check if Vulnerable:
Test by accessing between-date-userreport.php with parameters: ?fromdate=<script>alert('XSS')</script>&todate=test
Check Version:
Check the PHPGurukul Complaint Management System version in the admin panel or footer.
Verify Fix Applied:
After applying fixes, test with the same XSS payload and verify no script execution occurs.
📡 Detection & Monitoring
Log Indicators:
- Unusual GET requests to between-date-userreport.php with script tags in parameters
- Multiple failed login attempts following XSS payload access
Network Indicators:
- HTTP requests containing <script> tags in URL parameters
- Outbound connections to suspicious domains after accessing reports
SIEM Query:
source="web_logs" AND uri="*between-date-userreport.php*" AND (param="*<script>*" OR param="*javascript:*")
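The log indicators and SIEM query above match literal <script> tags, which misses percent-encoded and double-encoded variants. The following added Python example (not part of the original advisory) scans constructed Apache-style access-log lines for requests to between-date-userreport.php whose fromdate or todate values contain script markup after full URL decoding; the log lines, IP addresses and paths are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Apache combined format); hosts and paths are hypothetical.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /cms/between-date-userreport.php?fromdate=2024-01-01&todate=2024-01-31 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2024:10:01:00 +0000] "GET /cms/between-date-userreport.php?fromdate=%3Cscript%3Ealert(1)%3C/script%3E&todate=test HTTP/1.1" 200 640 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2024:10:02:00 +0000] "GET /cms/between-date-userreport.php?fromdate=x&todate=%253cSCRIPT%253e HTTP/1.1" 200 640 "-" "curl/8.0"
10.0.0.7 - - [01/Jan/2024:10:03:00 +0000] "GET /cms/index.php?q=%3Cscript%3E HTTP/1.1" 200 100 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')
TARGET = "between-date-userreport.php"          # the script named in the advisory
WATCHED = ("fromdate", "todate")                # the affected parameters
PATTERN = re.compile(r"<\s*script|javascript:|on\w+\s*=", re.IGNORECASE)

def fully_decode(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding so %253C is seen as '<'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(uri):
    """Return the watched parameter names on the target script whose decoded values match."""
    parts = urlsplit(uri)
    if not parts.path.endswith(TARGET):
        return []
    params = parse_qs(parts.query, keep_blank_values=True)  # parse_qs decodes one layer
    hits = []
    for name in WATCHED:
        for raw in params.get(name, []):
            if PATTERN.search(fully_decode(raw)):
                hits.append(name)
                break
    return hits

def scan_log(text):
    """Return (client_ip, flagged_param_names) for each log line with a flagged request."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        hits = suspicious_params(m.group("uri"))
        if hits:
            findings.append((line.split(" ", 1)[0], hits))
    return findings
```

Only lines whose decoded parameter values carry script markup are flagged; the legitimate date query and the unrelated index.php request are ignored.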