Online Movie Ticket Booking System v1.0 - Reflected Cross-Site Scripting (XSS)

Description

Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.

Vulnerability

The 'number' parameter of the bank.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. The vulnerable code is:

<?php
session_start();
if(!isset($_SESSION['user']))
{
 header('location:login.php');
}
extract($_POST);
?>
...
 <dl class="mercDetails">
 <dt>Merchant</dt> <dd>Shop Street</dd>
 <dt>Transaction Amount</dt> <dd>INR <?php echo $_SESSION['amount'];?></dd>
 <dt>Debit Card</dt> <dd><?php echo $number;?></%></dd>
 </dl>

Our security policy

We have reserved the ID CVE-2023-44173 to refer to this issues from now on. Disclosure policy

System Information

• Version: Online Movie Ticket Booking System v1.0

• Operating System: Any

Mitigation

There is currently no patch available for this vulnerability.

References

• Vendor page https://projectworlds.in/