
Stored XSS - com_admintools

Roger Bilinda
The application's sendInfo embeds untrusted data in the generated output with curl_exec, at line 66 of com_admintools/src/Helper/usagestats.php. This untrusted data is embedded straight into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the output.

The attacker would be able to alter the returned web page by saving malicious data in a datastore ahead of time. The attacker's modified data is then read from the database by the sendInfo method with curl_init, at line 66 of com_admintools/src/Helper/usagestats.php. This untrusted data then flows through the code straight to the output web page, without sanitization.

This can enable a Stored Cross-Site Scripting (XSS) attack.

        Source                                     Destination
File    com_admintools/src/Helper/usagestats.php   com_admintools/src/Helper/usagestats.php
Line    92                                         96
Object  curl_init                                  curl_exec

Code Snippet
File Name com_admintools/src/Helper/usagestats.php
Method public function sendInfo($useIframe = false)

....
92. $ch = curl_init($url);
....
96. return curl_exec($ch);
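
An added example, not part of the original post and not Admin Tools code: how a curl_exec result can be kept off the page and encoded at the point of output, which is the flow the report above describes. The helper names fetchBody() and renderStatus() are hypothetical, and a constructed local file stands in for the remote response so the script runs offline.

```php
<?php
// Added illustration; fetchBody() and renderStatus() are hypothetical names,
// not functions from Admin Tools.

/** Fetch a URL and return the body as a string instead of letting cURL print it. */
function fetchBody(string $url): string
{
    $ch = curl_init($url);
    // Without CURLOPT_RETURNTRANSFER, curl_exec() writes the response body
    // straight to PHP's output and returns only true/false.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $body = curl_exec($ch);
    if ($body === false) {
        throw new RuntimeException('Request failed: ' . curl_error($ch));
    }
    return $body;
}

/** Encode at the output boundary, whatever the origin of $text. */
function renderStatus(string $text): string
{
    // ENT_QUOTES also encodes single quotes; ENT_SUBSTITUTE replaces invalid
    // UTF-8 sequences instead of returning an empty string.
    return '<p>' . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';
}

// Constructed sample input: a response body containing markup.
$sample = tempnam(sys_get_temp_dir(), 'resp');
file_put_contents($sample, '<script>alert(1)</script>');

try {
    $body = fetchBody('file://' . $sample);
} finally {
    unlink($sample);
}

// The markup is emitted as inert text, not as an element.
echo renderStatus($body), PHP_EOL;
```

When triaging a finding like this one, the two things to check in the real code are whether CURLOPT_RETURNTRANSFER is set on the handle and whether the returned string is ever written into HTML without encoding.
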
Peter van Westen ADMIN
Why are you posting this here?
I have nothing to do with Admin Tools.
Please post a rating at the Joomla! Extensions Directory