Headline
CVE-2023-23014: Possible XSS vulnerabilities · Issue #23 · ronknight/InventorySystem
Cross Site Scripting (XSS) vulnerability in InventorySystem thru commit e08fbbe17902146313501ed0b5feba81d58f455c (on Apr 23, 2021) via edit_store_name and edit_active inputs in file InventorySystem.php.
Hello,
I would like to report for possible XSS vulnerabilities.
For example,
In file InventorySystem-master\application\controllers\Stores.php in update function
$data = array(
‘name’ => $this->input->post(‘edit_store_name’),
‘active’ => $this->input->post(‘edit_active’),
);
$update = $this->model_stores->update($data, $id);
In file InventorySystem-master\application\models\Model_stores.php
public function update($data, $id){ if($data && $id) { $this->db->where('id’, $id); $update = $this->db->update('stores’, $data); return ($update == true) ? true : false; } }
Then In file InventorySystem-master\application\controllers\Stores.php
public function fetchStoresDataById($id) { if($id) { $data = $this->model_stores->getStoresData($id); echo json_encode($data); } }
In file InventorySystem-master\application\models\Model_stores.php
public function getStoresData($id = null){ if($id) { $sql = "SELECT * FROM `stores` where id = ?"; $query = $this->db->query($sql, array($id)); return $query->row_array(); }
$sql = "SELECT * FROM `stores`"; $query = $this->db->query($sql); return $query->result_array(); }