CVE-2024-50839

5.4 MEDIUM

📋 TL;DR

A stored cross-site scripting (XSS) vulnerability in KASHIPARA E-learning Management System Project 1.0 allows remote attackers to inject malicious scripts via subject_code and title parameters in the admin panel. This enables session hijacking, credential theft, and unauthorized actions when administrators view affected pages. All installations of version 1.0 are vulnerable.

💻 Affected Systems

Products:
  • KASHIPARA E-learning Management System Project
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the /admin/add_subject.php file. Injecting the payload requires admin access, but the stored payload affects all users viewing the injected content.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of admin accounts leading to system takeover, data exfiltration, or deployment of additional malware.

🟠 Likely Case: Session hijacking of admin accounts, credential theft, defacement, or privilege escalation within the application.

🟢 If Mitigated: Limited impact if proper input validation and output encoding are implemented, or if admin access is restricted.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials to access /admin/add_subject.php initially, but once injected, the payload executes for any user viewing affected pages. A public proof-of-concept exists in a GitHub repository.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

1. Manually edit /admin/add_subject.php
2. Implement proper input validation for subject_code and title parameters
3. Add output encoding when displaying user-controlled data
4. Test thoroughly before deploying

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Add server-side validation to reject malicious input in subject_code and title fields

Edit /admin/add_subject.php to add: foreach (['subject_code', 'title'] as $f) { if (preg_match('/[<>"\']/', $_POST[$f] ?? '')) { die('Invalid input'); } }

Output Encoding (all platforms)

Apply HTML entity encoding to all user-controlled output

Replace echo $user_input; with echo htmlspecialchars($user_input, ENT_QUOTES, 'UTF-8');
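
One way to apply both workarounds together, shown as an added example that is not the project's own code. The helper names validate_field and e, the allowlist patterns, the length limits and the sample request are assumptions.

```php
<?php
declare(strict_types=1);

// Added example: helper names, length limits and allowlist patterns are
// assumptions, not taken from the KASHIPARA code base.

/** Validate one field against an allowlist; returns the trimmed value or null. */
function validate_field(array $post, string $name, string $pattern, int $maxLen): ?string
{
    $value = $post[$name] ?? null;
    if (!is_string($value)) {
        return null;                 // missing field, or array input (name[]=...)
    }
    $value = trim($value);
    if ($value === '' || strlen($value) > $maxLen) {
        return null;
    }
    // preg_match returns false on invalid UTF-8 with /u, which is also rejected.
    return preg_match($pattern, $value) === 1 ? $value : null;
}

/** Encode a value for an HTML body or quoted-attribute context. */
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample request standing in for $_POST on /admin/add_subject.php.
$post = [
    'subject_code' => 'CS-101',
    'title'        => "Intro to <script>alert('XSS')</script>",
];

// subject_code: letters, digits, space, dash. title: no HTML metacharacters.
$code  = validate_field($post, 'subject_code', '/\A[A-Za-z0-9 \-]+\z/', 20);
$title = validate_field($post, 'title', '/\A[^<>"\'&]+\z/u', 100);

if ($code === null || $title === null) {
    // In the real handler: send a 400 response and stop before the INSERT.
    echo "rejected\n";
}

// Defence in depth: rows stored before the fix are still encoded on display.
$storedTitle = $post['title'];       // stands in for a value read back from the DB
echo '<td>' . e($storedTitle) . "</td>\n";
```

Encoding at output is the control that neutralises payloads already stored in the database; the input check only stops new ones from being saved.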

🧯 If You Can't Patch

  • Restrict admin panel access to specific IP addresses using .htaccess or firewall rules
  • Implement Content Security Policy (CSP) headers to block inline script execution

🔍 How to Verify

Check if Vulnerable:

Test by submitting <script>alert('XSS')</script> in the subject_code or title fields in /admin/add_subject.php and checking whether the script executes when the subjects are viewed

Check Version:

Check project documentation or version files - no standard command available

Verify Fix Applied:

Attempt the same XSS payload after implementing fixes - script should not execute and input should be properly sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to /admin/add_subject.php with script tags in parameters
  • Multiple failed login attempts followed by successful admin login

Network Indicators:

  • HTTP requests containing <script> tags in POST data to admin endpoints

SIEM Query:

source="web_logs" AND (url="/admin/add_subject.php" AND (post_data="*<script>*" OR post_data="*javascript:*"))
