CVE-2024-9300

4.3 MEDIUM

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts into the contact form of SourceCodester Online Railway Reservation System 1.0. When users view the affected contact form, the scripts execute in their browsers, potentially stealing session cookies or redirecting to malicious sites. Anyone using this specific version of the railway reservation system is affected.

💻 Affected Systems

Products:
  • SourceCodester Online Railway Reservation System
Versions: 1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and requires no special configuration to be exploitable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain full system access, and compromise user data including payment information and personal details.

🟠 Likely Case

Attackers steal user session cookies to hijack accounts, deface the website with malicious content, or redirect users to phishing sites.

🟢 If Mitigated

With proper input validation and output encoding, the XSS payloads are neutralized before reaching users, preventing script execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The exploit is publicly available on GitHub and requires minimal technical skill to execute against vulnerable systems.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch is available. Consider implementing input validation and output encoding in contact_us.php or replacing the system entirely.

🔧 Temporary Workarounds

Implement Input Validation and Output Encoding

Platform: all

Add server-side validation to sanitize user inputs in the contact form and encode outputs so that submitted values are rendered as text rather than executed as script.

Edit contact_us.php so that the fullname, email, and message parameters are wrapped in htmlspecialchars() or a similar encoding function wherever they are written into the page.
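The following is an added example, not SourceCodester's code: it sketches the assumed reflection pattern in contact_us.php beside a hardened version that validates the three parameters named in this advisory and encodes them on output. The handler's structure, the function names and the sample input are assumptions; only the parameter names fullname, email and message come from the advisory.

```php
<?php
// Added example (not SourceCodester's code). The original handler's structure
// is assumed; the parameter names fullname, email and message come from the advisory.

// Vulnerable pattern (assumed): submitted values are echoed back unencoded,
// so a value containing HTML markup is rendered as markup, not as text.
function render_contact_vulnerable(array $post): string {
    return '<p>Thanks, ' . ($post['fullname'] ?? '') . '! We will reply to '
         . ($post['email'] ?? '') . '.</p><blockquote>'
         . ($post['message'] ?? '') . '</blockquote>';
}

// Encode a value for an HTML text or attribute context.
function h(string $value): string {
    // ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE replaces invalid
    // UTF-8 instead of returning '' and silently dropping the whole value.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Validate the inputs before they are stored or reflected. Limits are assumptions.
function validate_contact(array $post): array {
    $errors   = [];
    $fullname = trim((string)($post['fullname'] ?? ''));
    $email    = trim((string)($post['email'] ?? ''));
    $message  = trim((string)($post['message'] ?? ''));

    if ($fullname === '' || mb_strlen($fullname) > 100) {
        $errors[] = 'fullname must be 1-100 characters';
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not a valid address';
    }
    if ($message === '' || mb_strlen($message) > 2000) {
        $errors[] = 'message must be 1-2000 characters';
    }
    return ['fullname' => $fullname, 'email' => $email, 'message' => $message, 'errors' => $errors];
}

// Hardened pattern: validate first, then encode every value at the output point.
function render_contact_hardened(array $post): string {
    $v = validate_contact($post);
    if ($v['errors'] !== []) {
        return '<ul><li>' . implode('</li><li>', array_map('h', $v['errors'])) . '</li></ul>';
    }
    return '<p>Thanks, ' . h($v['fullname']) . '! We will reply to ' . h($v['email'])
         . '.</p><blockquote>' . h($v['message']) . '</blockquote>';
}

// Constructed sample input for a local comparison of the two renderers.
$sample = [
    'fullname' => '<b>Alice</b>',
    'email'    => 'alice@example.test',
    'message'  => 'Hello "there" & <i>bye</i>',
];
echo render_contact_vulnerable($sample), PHP_EOL; // <b> and <i> are rendered as markup
echo render_contact_hardened($sample), PHP_EOL;   // &lt;b&gt;Alice&lt;/b&gt; ... rendered as text
```

Validation alone is not the fix: a name or message legitimately contains characters such as `<`, `&` or quotes, so the encoding step at the output point is what prevents script execution. Encoding has to happen everywhere the stored values are later displayed, including any admin page that lists submissions.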

Disable Contact Form

Platform: linux

Temporarily remove or disable the contact_us.php file to prevent exploitation while a permanent fix is developed.

mv contact_us.php contact_us.php.disabled
or otherwise rename or remove the file from the web directory.

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with XSS protection rules to block malicious payloads
  • Monitor application logs for suspicious contact form submissions containing script tags or JavaScript code

🔍 How to Verify

Check if Vulnerable:

Test the contact form by submitting a payload like <script>alert('XSS')</script> in the fullname, email, or message fields and check if it executes when viewing the form output.

Check Version:

Check the system documentation or configuration files for version information, typically found in README files or admin panels.

Verify Fix Applied:

After applying workarounds, test with the same XSS payloads to ensure they are properly encoded and do not execute in the browser.

📡 Detection & Monitoring

Log Indicators:

  • Unusual contact form submissions containing script tags, JavaScript code, or encoded payloads in fullname, email, or message fields

Network Indicators:

  • HTTP POST requests to contact_us.php with suspicious payloads in parameters

SIEM Query:

source="web_logs" AND uri="/contact_us.php" AND (message="*<script>*" OR fullname="*javascript:*" OR email="*onerror=*")
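As an added example that is not part of this advisory, the script below applies the same indicators as the SIEM query above to constructed application log records. The record format (one JSON object per line carrying method, uri and the submitted params) is an assumption, as are the function names; the field names, the URI and the indicator strings come from the advisory. It decodes URL and HTML-entity encoding before matching, which the plain wildcard query does not.

```php
<?php
// Added example (not part of the advisory): scan constructed application log
// records for the contact-form indicators. Record format is an assumption:
// one JSON object per line with src, method, uri and the submitted params.

const INDICATOR_PATTERNS = [
    'script_tag'    => '/<\s*script\b/i',
    'js_url'        => '/javascript\s*:/i',
    'event_handler' => '/\bon[a-z]+\s*=/i',
];

// Undo common layers of encoding before matching (bounded to avoid loops).
function normalize_value(string $value): string {
    for ($i = 0; $i < 3; $i++) {
        $decoded = html_entity_decode(rawurldecode($value), ENT_QUOTES | ENT_HTML5, 'UTF-8');
        if ($decoded === $value) {
            break;
        }
        $value = $decoded;
    }
    return $value;
}

// Return a list of "field:indicator" hits for one POST to contact_us.php.
function scan_record(array $rec): array {
    $hits = [];
    if (($rec['uri'] ?? '') !== '/contact_us.php' || strtoupper($rec['method'] ?? '') !== 'POST') {
        return $hits;
    }
    foreach (['fullname', 'email', 'message'] as $field) {
        $value = normalize_value((string)($rec['params'][$field] ?? ''));
        foreach (INDICATOR_PATTERNS as $name => $re) {
            if (preg_match($re, $value) === 1) {
                $hits[] = "$field:$name";
            }
        }
    }
    return $hits;
}

// Walk a JSON-lines log and collect the records that hit any indicator.
function scan_log(string $jsonl): array {
    $alerts = [];
    foreach (preg_split('/\R/', trim($jsonl)) as $line) {
        $rec = json_decode($line, true);
        if (!is_array($rec)) {
            continue;
        }
        $hits = scan_record($rec);
        if ($hits !== []) {
            $alerts[] = ['src' => $rec['src'] ?? '?', 'hits' => $hits];
        }
    }
    return $alerts;
}

// Constructed sample records: one benign submission, one carrying the
// advisory's test payload in URL-encoded form.
$sample = <<<'LOG'
{"src":"203.0.113.10","method":"POST","uri":"/contact_us.php","params":{"fullname":"Alice","email":"alice@example.test","message":"Is the 9am train running?"}}
{"src":"203.0.113.20","method":"POST","uri":"/contact_us.php","params":{"fullname":"%3Cscript%3Ealert('XSS')%3C/script%3E","email":"x@example.test","message":"hi"}}
LOG;
print_r(scan_log($sample)); // only the second record is reported: fullname:script_tag
```

The match runs on the decoded value, so a payload submitted as `%3Cscript%3E` or `&lt;script&gt;` is still caught; the plain `*<script>*` wildcard in the SIEM query misses both. Expect some benign hits from the event-handler pattern (any text containing a word starting with "on" followed by "="), so treat these as triage signals rather than block decisions.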

🔗 References
