CVE-2024-5123 – This vulnerability allows attackers to inject m... (How to Fix)

Q: What is the severity of CVE-2024-5123?

CVE-2024-5123 has a CVSS score of 4.3 (MEDIUM). This vulnerability allows attackers to inject malicious scripts into the searchbar parameter of the Event Registration System, which are then executed in victims' browsers. It affects SourceCodester Event Registration System 1.0 users who have the vulnerable component exposed. Attackers can steal session cookies, redirect users, or perform actions on their behalf.

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts into the searchbar parameter of the Event Registration System, which are then executed in victims' browsers. It affects SourceCodester Event Registration System 1.0 users who have the vulnerable component exposed. Attackers can steal session cookies, redirect users, or perform actions on their behalf.

💻 Affected Systems

Products:

SourceCodester Event Registration System

Versions: 1.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: The vulnerability exists in the /registrar/ directory searchbar parameter. Any installation with this component accessible is vulnerable.

📦 What is this software?

Event Registration System by Oretnom23

View all CVEs affecting Event Registration System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal administrator session cookies, gain full system control, deface websites, or redirect users to malicious sites for credential theft.

🟠

Likely Case

Attackers steal user session cookies to hijack accounts, perform unauthorized actions, or display malicious content to users.

🟢

If Mitigated

With proper input validation and output encoding, the XSS payloads are neutralized before reaching users' browsers.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit code is publicly available on GitHub. Attack requires user interaction (visiting malicious link or page).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider implementing input validation and output encoding as workarounds.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement server-side validation to sanitize searchbar parameter input

Modify /registrar/ PHP files to filter <script> tags and JavaScript events

Output Encoding

all

Encode user input before displaying in HTML context

Use htmlspecialchars() or similar functions in PHP output

🧯 If You Can't Patch

Implement Web Application Firewall (WAF) with XSS protection rules
Restrict access to /registrar/ directory to trusted IP addresses only

🔍 How to Verify

Check if Vulnerable:

Test by injecting <script>alert('XSS')</script> into searchbar parameter and check if script executes

Check Version:

Check system documentation or admin panel for version information

Verify Fix Applied:

Test same payload after fixes - script should not execute and should appear as plain text

📡 Detection & Monitoring

Log Indicators:

Unusual search queries containing script tags or JavaScript code
Multiple failed XSS attempts

Network Indicators:

HTTP requests to /registrar/ with suspicious parameters containing script tags

SIEM Query:

source="web_logs" AND uri_path="/registrar/" AND (query_string CONTAINS "<script>" OR query_string CONTAINS "javascript:")

📊 Metadata

CVE ID: CVE-2024-5123

CVSS v3 Score: 4.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE: CWE-79

Published: May 20, 2024

Last Updated: February 10, 2025

🔗 References

https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20Cross-Site-Scripting%20-%201.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.265203 Permissions Required,VDB Entry
https://vuldb.com/?id.265203 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.338616 Third Party Advisory,VDB Entry
https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20Cross-Site-Scripting%20-%201.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.265203 Permissions Required,VDB Entry
https://vuldb.com/?id.265203 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.338616 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-5123, you might also want to check these: