Reflected XSS in Xerte

So this is part of three vulnerability’s found over a longer period of time, the first one is reflected XSS. “Xerte is an award-winning suite of browser-based tools that allow anyone with a web browser to create interactive learning materials quickly and easily.” – https://www.xerte.org.uk. Xerte is an OpenSource project and can be found at: https://github.com/thexerteproject/xerteonlinetoolkits.

While browsing the code base i found the ability to print a project (https://<domain hosting Xerte>/print/). When printing a project the user has to provide the URL to their project and submit the request. The ?link= parameter is not checked and completely reflected on the webpage after submitting. Providing the following ‘link’ results in reflected XSS:

'></iframe><script>alert('XSS');</script>

The presence of this vulnerability was successfully tested on six instances of Xerte.

Time Line: