CVE-2026-2222
Analyzed Analyzed - Analysis Complete
Remote Cross-Site Scripting in Online Reviewer System

Publication date: 2026-02-09

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btn_functions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-09
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-02-09
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2222
EUVD
EUVD-2026-6920
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
fabian online_reviewer_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-2222 is a Cross-Site Scripting (XSS) vulnerability found in the Online Reviewer System version 1.0, specifically in the file /system/system/admins/manage/users/btn_functions.php. The vulnerability occurs because the application does not properly sanitize or encode user input received via the firstname parameter. This allows an attacker to inject malicious JavaScript code that is executed in the victim's browser when the input is rendered, enabling arbitrary script execution within the user's session context."}, {'type': 'paragraph', 'content': 'The exploit can be performed remotely without requiring login or authorization, making it a critical security risk. A proof-of-concept payload uses the firstname parameter with malicious code such as <img src=x onerror=alert(1)>, demonstrating how the vulnerability can be triggered.'}] [1, 2, 4]

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability can have several negative impacts including session hijacking through cookie theft, unauthorized user actions, phishing attacks, website defacement, and redirection to malicious sites. These actions compromise user data privacy and the integrity of the application.'}, {'type': 'paragraph', 'content': "Because the vulnerability can be exploited remotely without authentication, attackers can easily execute malicious scripts in users' browsers, potentially leading to loss of sensitive information and unauthorized manipulation of the system."}] [1, 2, 4]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by identifying attempts to exploit the Cross-Site Scripting (XSS) flaw in the Online Reviewer System, specifically targeting the `firstname` parameter in HTTP POST requests to the file `/system/system/admins/manage/users/btn_functions.php`.'}, {'type': 'paragraph', 'content': 'A proof-of-concept exploit involves sending a POST request with the `firstname` parameter containing malicious JavaScript code such as `<img src=x onerror=alert(1)>`.'}, {'type': 'paragraph', 'content': 'To detect exploitation attempts on your network or system, you can monitor HTTP POST requests to the vulnerable endpoint and look for suspicious payloads in the `firstname` parameter.'}, {'type': 'list_item', 'content': 'Use network monitoring tools or web server logs to filter requests with the URI `/system/system/admins/manage/users/btn_functions.php`.'}, {'type': 'list_item', 'content': 'Search for POST requests containing suspicious script tags or event handlers in the `firstname` parameter, e.g., `<img src=x onerror=alert(1)>`.'}, {'type': 'list_item', 'content': "Example command using grep on web server logs: `grep '/system/system/admins/manage/users/btn_functions.php' /var/log/apache2/access.log | grep -i 'firstname=<img src=x onerror=alert(1)>'`"}, {'type': 'list_item', 'content': 'Use intrusion detection systems (IDS) or web application firewalls (WAF) with rules to detect XSS payloads targeting the `firstname` parameter.'}, {'type': 'list_item', 'content': 'Google dorking can be used to identify vulnerable targets with the query: `inurl:system/system/admins/manage/users/btn_functions.php`.'}] [1, 4]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'Immediate mitigation steps focus on preventing the execution of malicious scripts injected via the `firstname` parameter in the vulnerable file.'}, {'type': 'list_item', 'content': 'Implement context-aware output encoding to ensure all user-supplied data is properly encoded before rendering in HTML responses, such as HTML entity encoding.'}, {'type': 'list_item', 'content': 'Apply strict input validation with allowlists to filter out dangerous characters like `<`, `>`, `"`, `\'`, and `&` from user inputs.'}, {'type': 'list_item', 'content': 'Deploy a strong Content Security Policy (CSP) to restrict the sources of executable scripts and mitigate the impact of XSS attacks.'}, {'type': 'list_item', 'content': 'Set HttpOnly and Secure flags on cookies to prevent access to session tokens via JavaScript and protect against session hijacking.'}, {'type': 'list_item', 'content': 'Monitor and block suspicious requests targeting the vulnerable endpoint using web application firewalls or intrusion detection systems.'}, {'type': 'paragraph', 'content': 'Since the vulnerability can be exploited without login or authorization, these steps should be applied immediately to reduce risk.'}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2222. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart