CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site
Scripting (XSS) vulnerability in the email parameter of the
postquerypublic endpoint. Improper sanitization allows an attacker to
inject arbitrary JavaScript code that executes in the context of the
user s browser, potentially leading to session hijacking or phishing
attacks.

------------------------------------------

Vulnerability Type
Cross Site Scripting (XSS)

------------------------------------------

Vendor of Product
https://github.com/mathurvishal/CloudClassroom-PHP-Project

------------------------------------------

Affected Product Code Base
https://github.com/mathurvishal/CloudClassroom-PHP-Project 1.0 - https://github.com/mathurvishal/CloudClassroom-PHP-Project 1.0

------------------------------------------

Affected Component
postquerypublic.php, email parameter in POST request

------------------------------------------

Attack Type
Remote

------------------------------------------

Impact Code execution
true

------------------------------------------

Attack Vectors
An attacker can exploit this vulnerability by sending a crafted POST request to the vulnerable endpoint /CloudClassroom-PHP-Project-master/postquerypublic, injecting malicious JavaScript via the email parameter. The application reflects this input without sanitization, leading to reflected XSS.

Reproduction Steps:
Deploy the vulnerable PHP app locally (e.g., http://localhost/CloudClassroom-PHP-Project-master/).

Send the following POST request:

POST /CloudClassroom-PHP-Project-master/postquerypublic HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded

email=testing@example.com'"()&%<zzz><ScRiPt >alert(9001)</ScRiPt>&gnamex=abc&squeryx=123&update=Post%20Query!

------------------------------------------

Reference
https://owasp.org/www-community/attacks/xss/

------------------------------------------

Discoverer
saurabh
