Submission #604824: Portabilis i-Educar 2.9.0 Stored Cross Site Scripting information

Title: Portabilis i-Educar 2.9.0 Stored Cross Site Scripting
Description: Hello team! A Stored XSS vulnerability was found in the “Função” field within the function management module in i-Educar. An authenticated attacker can inject malicious JavaScript into this field, which is then executed every time a user accesses the affected function list.

Vulnerability Type: Stored Cross-Site Scripting (XSS)
Affected Application: i-Educar
Vulnerable Endpoint: /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD
Vulnerable Parameter: “Função” field (stored via /intranet/educar_funcao_lst.php)

1 - Authentication: Log in to i-Educar with valid credentials.
2 - Access the "Servidores" module: Navigate to: Servidores > Cadastro > Tipos > Funções. URL: /intranet/educar_funcao_lst.php
3 - Create or Edit "Função" Entry: Either create a new "Função" or edit an existing one.
4 - Edit Vulnerable Field "Função": Go to: /intranet/educar_funcao_cad.php?cod_funcao=COD
5 - Insert Payload: In the “Função” field, insert: <script>alert('PoC VulDB i-Educar Pacxxx')</script>
6 - Save and Trigger:

Recommendations & Mitigations
Input Sanitization: Reject or neutralize input containing scripts or HTML.
Output Encoding: Properly encode all user input before rendering in HTML.
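The output-encoding mitigation above, shown as an added example (not i-Educar's own code): a hypothetical list-row renderer for the stored "Função" name that escapes the value at the HTML sink, using a constructed record that carries the submission's payload.

```php
<?php
// Added example, not i-Educar code. The stored "Função" name is
// attacker-controlled data and must be encoded at every HTML sink.
declare(strict_types=1);

// Constructed sample record, as a row saved by educar_funcao_cad.php might look
// (field names are assumptions for illustration, not the real schema).
$funcao = [
    'cod_funcao' => 7,
    'nm_funcao'  => "<script>alert('PoC VulDB i-Educar Pacxxx')</script>",
];

/** Encode a value for an HTML text node or a double-quoted attribute. */
function h(string $value): string
{
    // ENT_QUOTES also encodes single quotes, so attribute contexts are covered.
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/** Vulnerable pattern: the stored value is concatenated raw into the list page. */
function render_row_vulnerable(array $f): string
{
    return "<tr><td>{$f['nm_funcao']}</td></tr>";
}

/** Hardened pattern: encode at output; the payload renders as inert text. */
function render_row_safe(array $f): string
{
    $id = (int) $f['cod_funcao'];   // numeric id cast, not escaped text
    return '<tr><td><a href="educar_funcao_det.php?cod_funcao=' . $id . '">'
        . h($f['nm_funcao']) . '</a></td></tr>';
}

// Self-check: the hardened output must not contain a live <script> tag.
$safe = render_row_safe($funcao);
if (stripos($safe, '<script') !== false) {
    throw new RuntimeException('encoding failed');
}
echo render_row_vulnerable($funcao), PHP_EOL;  // executable tag survives
echo $safe, PHP_EOL;                           // &lt;script&gt;... only
```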
Source ⚠️ https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README14.md
User: RaulPACXXX (UID 84502)
Submitted: 2025-06-27 01:43 (10 months ago)
Moderation: 2025-07-06 07:41 (9 days later)
Status: Accepted
VulDB Entry: 315023 [Portabilis i-Educar 2.9.0 Function Management Função Cross Site Scripting]
Points: 20
