Submission #604822: Portabilis i-Educar 2.9.0 Stored Cross Site Scripting information

Title: Portabilis i-Educar 2.9.0 Stored Cross Site Scripting
Description: Hello team, A Stored XSS vulnerability was identified in the "Curso" module of i-Educar. The "Curso" field allows JavaScript injection, which is stored and later executed when the course list is paginated and navigated by authenticated users.

**Vulnerability Type:** Stored Cross-Site Scripting (XSS)
**Affected Application:** i-Educar
**Vulnerable Endpoint:** /intranet/educar_curso_det.php?cod_curso=ID
**Vulnerable Parameter:** "Curso" field (stored via /intranet/educar_curso_lst.php?busca=)

PoC Step-by-Step
1 - Authentication: Log in to i-Educar with valid credentials.
2 - Access the "Curso" module: Navigate to: Cadastro > Curso. URL: /intranet/educar_curso_lst.php?busca=S
3 - Create or Edit "Curso" Entry: Either create a new "Curso" or edit an existing one.
4 - Edit Vulnerable Field: Go to: /intranet/educar_curso_cad.php?cod_curso=ID
5 - Insert Payload: In the "Curso" field, insert: <script>alert('PoC VulDB i-Educar Pacxxx')</script>
Save and Trigger: **NOTE: FOR THE INJECTED SCRIPT TO BE LOADED, NAVIGATE AMONG THE RECORDS IN THE BOTTOM PAGE TAB**

Recommendations & Mitigations
Input Sanitization: Reject or neutralize input containing scripts or HTML.
Output Encoding: Properly encode all user input before rendering in HTML.
Use of XSS Mitigation Libraries: Tools like OWASP Java Encoder, HTMLPurifier, or DOMPurify should be employed.
Source: https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README13.md
User: RaulPACXXX (UID 84502)
Submitted: 2025-06-27 01:16 (10 months ago)
Moderation: 2025-07-06 07:41 (9 days later)
Status: Accepted
VulDB entry: 315022 [Portabilis i-Educar 2.9.0 Course educar_curso_det.php?cod_curso=ID Curso cross site scripting]
Points: 20
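The output-encoding mitigation recommended in the submission, as an added example that is not i-Educar's own code: a course-list row rendered the vulnerable way beside the hardened way. The `nm_curso` column name, the `h()` helper and the row layout are assumptions; only `cod_curso` and `educar_curso_det.php` come from the report.

```php
<?php
// Added example (not i-Educar's own code). Demonstrates why the stored
// "Curso" name must be encoded for the HTML context it is written into.
declare(strict_types=1);

/** Encode a string for an HTML text or quoted-attribute context (assumed helper). */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');
}

/** Vulnerable pattern: the stored field is echoed verbatim into the page. */
function renderCursoRowUnsafe(array $curso): string
{
    return '<tr><td><a href="educar_curso_det.php?cod_curso=' . $curso['cod_curso'] . '">'
         . $curso['nm_curso'] . '</a></td></tr>';
}

/** Hardened pattern: the id is forced to an integer, the name is HTML-encoded. */
function renderCursoRowSafe(array $curso): string
{
    $id = (int) $curso['cod_curso'];
    return '<tr><td><a href="educar_curso_det.php?cod_curso=' . $id . '">'
         . h($curso['nm_curso']) . '</a></td></tr>';
}

// Constructed sample record: a course whose name carries script markup.
$curso = ['cod_curso' => 7, 'nm_curso' => "<script>alert('x')</script>"];

echo renderCursoRowUnsafe($curso), PHP_EOL; // <script> tag reaches the browser intact
echo renderCursoRowSafe($curso), PHP_EOL;   // &lt;script&gt;... is displayed as text
```

The same encoding must be applied wherever the field is rendered (list, detail and pagination views), since the report notes the script fires while paging through records.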
