Summary:
A stored cross-site scripting (XSS) vulnerability exists in the description field when creating a blog post. Unsanitized user input is rendered directly on the homepage and admin panel, allowing malicious JavaScript execution.
Steps to Reproduce:
1. Log in as any user.
2. Go to the new.php page to create a new blog post.
3. Enter the following data:
   - Title: XSS Test
   - Slug: xss-test
   - Description: `<script>alert('XSS by DisclosureX')</script>`
4. Submit the form.
5. Visit the homepage or admin dashboard.
Vendor of the product(s) info
Philip Okugbe
Affected product(s)/code base info
Product: Simple-PHP-Blog
Version: Git commit 94b5d3e (tested August 2025)
Impact:
This allows an attacker to execute JavaScript in the browser of any user who views the blog post, leading to:
- Cookie/session theft
- Admin takeover
- Defacement
- Persistent browser-based attacks
Affected Project:
GitHub repo: [Philipinho/Simple-PHP-Blog](https://github.com/Philipinho/Simple-PHP-Blog)
Affected File: new.php and post rendering logic
Tested on: Latest commit (August 2025)
Recommendation:
- Use htmlspecialchars() or a templating engine that auto-escapes output.
- Validate and sanitize input on both client and server side.
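A concrete form of the recommendation, as an added example that is not code from the Simple-PHP-Blog repository: `render_post_unsafe()`, `render_post()`, `e()` and `valid_slug()` are hypothetical stand-ins for the post rendering logic and the new.php form handler, showing the raw-echo pattern beside an output-encoded version plus an allowlist check for the slug.

```php
<?php
// Added example, not code from Simple-PHP-Blog. render_post_unsafe(),
// render_post(), e() and valid_slug() are hypothetical stand-ins for the
// post rendering logic and the new.php form handler.

// Vulnerable pattern: the stored description is echoed as raw HTML, so a
// payload saved once runs in the browser of every homepage/admin viewer.
function render_post_unsafe(array $post): string
{
    return '<h2>' . $post['title'] . '</h2>'
         . '<p>' . $post['description'] . '</p>';
}

// Hardened pattern: encode at output time through one helper. ENT_QUOTES
// also encodes single quotes so the value is safe inside quoted attributes;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning ''.
function e(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_post(array $post): string
{
    return '<h2>' . e($post['title']) . '</h2>'
         . '<p>' . e($post['description']) . '</p>';
}

// Server-side input validation for the slug: an allowlist, since a slug has
// a fixed shape. Free-text fields such as the description are not "cleaned"
// here; they are stored as-is and made safe by encoding on output.
function valid_slug(string $slug): bool
{
    return (bool) preg_match('/\A[a-z0-9]+(?:-[a-z0-9]+)*\z/', $slug);
}

// Constructed sample using the payload from this report.
$post = [
    'title'       => 'XSS Test',
    'slug'        => 'xss-test',
    'description' => "<script>alert('XSS by DisclosureX')</script>",
];

var_dump(valid_slug($post['slug']));     // passes the allowlist
var_dump(valid_slug('xss test!'));       // rejected: space and '!'
echo render_post_unsafe($post), PHP_EOL; // script tag reaches the browser
echo render_post($post), PHP_EOL;        // script tag shown as literal text
```

Encoding at output is the fix that holds regardless of where the value came from; input validation on fixed-shape fields like the slug is a second layer, not a substitute.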
PoC: https://drive.google.com/file/d/1el_7WQNdQs57yyxsB3u9tUDlc_JvOwhP/view?usp=sharing
Discovered by:
Team DisclosureX