CVE-2023-4973 Scanner
CVE-2023-4973 Scanner - Cross-Site Scripting (XSS) vulnerability in Academy LMS
Short Info
Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 23 days 5 hours
Scan only one: URL
Academy LMS is a popular learning management system widely used by educational institutions, instructors, and businesses to create and manage online courses. It offers a range of features designed to facilitate learning, including course management, assignment handling, and student progress tracking. The software is utilized across various platforms, including Windows, contributing to the versatility and reach of educational content. Designed for ease of use, it supports diverse teaching methodologies and is intended to enhance both teaching efficiency and student engagement. It allows educators to deliver interactive courses, manage scheduling, and monitor learner progress efficiently. Its integration capabilities further contribute to a collaborative and engaging learning environment, making it a widely adopted tool in the education technology sector.
The vulnerability present in Academy LMS 6.2 is a Cross-Site Scripting (XSS) issue. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. The exploitation of such vulnerabilities can lead to unauthorized actions like cookie theft, session hijacking, or redirecting users to malicious sites. The identified XSS occurs within the product's GET parameter handling, indicating a lack of adequate input validation. XSS vulnerabilities are particularly dangerous as they may compromise user and system security through deceptive means. The vulnerability is considered medium in severity but can have substantial effects if exploited effectively.
The technical details of this XSS vulnerability point to inadequate sanitization of `GET` parameters such as `searched_word`, `searched_tution_class_type[]`, `searched_price_type[]`, and `searched_duration[]`. The vulnerability can be exploited by crafting URLs that include malicious scripts within these parameters. When these URLs are accessed, the scripts execute in the context of the targeted website, causing security breaches. The endpoint vulnerable to this injection is `/academy/tutor/filter`, which is a commonly accessed user feature. Since the attack requires no authentication and can be launched remotely, the risk factor is elevated. This makes it essential for developers and system administrators to ensure robust input validation to mitigate such vulnerabilities.
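For asset owners who want to check whether this endpoint has already been probed, the following added example (not part of the original page or of any scanner's code) reviews web server access logs for requests to `/academy/tutor/filter` whose listed parameters carry HTML markup characters. It assumes common/combined log format; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Endpoint and parameter names as given in the description above.
ENDPOINT = "/academy/tutor/filter"
WATCHED = {"searched_word", "searched_tution_class_type[]",
           "searched_price_type[]", "searched_duration[]"}
# Characters that let a reflected value leave HTML text or an attribute value.
MARKUP = re.compile(r"[<>\"'`]")
# Assumption: common/combined log format with the request line in quotes.
REQUEST = re.compile(r'"(?:GET|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (bounded) so %253C is seen as '<'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(log_line):
    """Return (parameter, decoded value) pairs that carry markup characters."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if url.path.rstrip("/") != ENDPOINT:
        return []
    hits = []
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        value = fully_decode(value)
        if name in WATCHED and MARKUP.search(value):
            hits.append((name, value))
    return hits

# Constructed sample log lines (documentation IP range, harmless markup).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /academy/tutor/filter?searched_word=algebra&searched_duration%5B%5D=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /academy/tutor/filter?searched_word=%22%3E%3Cb%3Etest HTTP/1.1" 200 5301',
    '203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /academy/tutor/filter?searched_price_type%5B%5D=%253Ci%253E HTTP/1.1" 200 5290',
    '203.0.113.4 - - [01/Jan/2024:10:00:12 +0000] "GET /academy/home?q=%3Cb%3E HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for name, value in suspicious_params(line):
            print(f"review: {name}={value!r} <- {line.split()[0]}")
```

A hit is a lead for review rather than proof of exploitation: a legitimate search term containing an apostrophe will also match.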
Exploiting this XSS vulnerability allows attackers to execute arbitrary scripts on the client's side under the context of the affected application. This might result in the theft of sensitive information, including session cookies and personal user data. Furthermore, it can lead to the modification of the website's appearance and content, misleading users and damaging the organization's reputation. In extreme cases, it could also be used as a vector to distribute malware or redirect users to harmful sites. Such exploitation significantly compromises the integrity, confidentiality, and availability of system resources.