| Title | Portabilis i-Educar 2.9.0 Stored Cross Site Scripting |
|---|
| Description | Hello team!
A Stored XSS vulnerability was found in the “Função” field within the function management module in i-Educar. An authenticated attacker can inject malicious JavaScript into this field, which is then executed every time a user accesses the affected function list.
Vulnerability Type: Stored Cross-Site Scripting (XSS)
Affected Application: i-Educar
Vulnerable Endpoint: /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD
Vulnerable Parameter: “Funcão” field (stored via /intranet/educar_funcao_lst.php)
1 - Authentication: Log in to i-Educar with valid credentials.
2 - Access the "Servidores" module: Navigate to: Servidores > Cadastro > Tipos > Funções URL: /intranet/educar_funcao_lst.php
3 - Create or Edit "Função" Entry: Either create a new "Função" or edit an existing one.
4 - Edit Vulnerable Field "Função": Go to: /intranet/educar_funcao_cad.php?cod_funcao=COD
5 - Insert Payload: In the “Função” field, insert:
<script>alert('PoC VulDB i-Educar Pacxxx')</script>
6 - Save and Trigger:
Recommendations & Mitigations
Input Sanitization: Reject or neutralize input containing scripts or HTML.
Output Encoding: Properly encode all user input before rendering in HTML. |
|---|
| Source | ⚠️ https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README14.md |
|---|
| User | RaulPACXXX (UID 84502) |
|---|
| Submission | 06/27/2025 01:43 (10 months ago) |
|---|
| Moderation | 07/06/2025 07:41 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 315023 [Portabilis i-Educar 2.9.0 Function Management Função cross site scripting] |
|---|
| Points | 20 |
|---|