提交 #625777: Portabilis i-educar 2.9 Cross Site Scripting (XSS) Stored信息

标题	Portabilis i-educar 2.9 Cross Site Scripting (XSS) Stored
描述	# Cross-Site Scripting (XSS) Stored endpoint `/intranet/funcionario_vinculo_cad.php` parameter `nome` --- ## Summary A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/intranet/funcionario_vinculo_cad.php` endpoint of the _i-educar_ application. This vulnerability allows attackers to inject malicious scripts into the `nome` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. --- ## Details Vulnerable Endpoint: `POST /intranet/funcionario_vinculo_cad.php` Parameter: `nome` The application fails to properly validate and sanitize user input in the `nome` parameter. This lack of validation allows attackers to inject malicious scripts, which are then stored on the server. Whenever the affected page is accessed, the malicious payload is executed in the victim's browser, potentially compromising the user's data and system. --- ## PoC Payload: `<script>alert('PoC-XXS2')</script>` <img width="816" height="785" alt="image" src="https://github.com/user-attachments/assets/c0b411d2-c500-4519-a493-a7ac6ae11243" /> This payload was submitted through the `nome` parameter and persisted in the application's interface. Upon visiting the affected page, the payload is rendered and executed in the browser, confirming the stored XSS vulnerability. --- ## Impact Stored XSS attacks can have severe consequences, including: - Stealing session cookies: Attackers can hijack user sessions and perform actions on their behalf - Delivering malware: Users can be tricked into downloading and executing malicious software - Hijacking browsers: Full control over the user’s browser through JavaScript execution - Credential theft: Capturing usernames, passwords, and other sensitive information - Exposing sensitive data: Accessing data stored in the application or browser - Website defacement: Altering the content of web pages viewed by users - User redirection: Redirecting victims to phishing or malicious websites - Damaging business reputation: Loss of trust if users are affected by attacks originating from the application ## Discoverer [Marcelo Queiroz](www.linkedin.com/in/marceloqueirozjr) by [CVE-Hunters](https://github.com/Sec-Dojo-Cyber-House/cve-hunters)
来源	⚠️ https://github.com/marcelomulder/CVE/blob/main/i-educar/Stored%20XSS%20funcionario_vinculo_cad.php%20parameter%20nome.md
用户	marceloQz (UID 87549)
提交	2025-07-30 20時02分 (9 月前)
管理	2025-08-09 07時11分 (9 days later)
状态	已接受
VulDB条目	319312 [Portabilis i-Educar 直到 2.9 Cadastrar Vínculo Page funcionario_vinculo_cad.php nome 跨网站脚本]
积分	20

◂ 上一步一览下一步 ▸

Interested in the pricing of exploits?

See the underground prices here!