提交 #625788: Portabilis i-educar 2.9 Cross Site Scripting (XSS) Reflected信息

标题Portabilis i-educar 2.9 Cross Site Scripting (XSS) Reflected
描述Cross-Site Scripting (XSS) Reflected endpoint `/intranet/educar_usuario_lst.php` parameters `nm_pessoa`, `matricula` and `matricula_interna` --- ## Summary A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `/intranet/educar_usuario_lst.php` endpoint of the _i-educar_ application. This vulnerability allows attackers to inject malicious scripts into the `nm_pessoa`, `matricula`, and `matricula_interna` parameters. --- ## Details **Vulnerable Endpoint:** `GET /intranet/educar_usuario_lst.php` **Parameters:** `nm_pessoa`, `matricula`, `matricula_interna` The application fails to validate and sanitize user inputs in the `nm_pessoa`, `matricula`, and `matricula_interna` parameters. This lack of validation permits the injection of malicious payloads, which are reflected back to the user's browser in the server's response and executed within the context of the victim's browser. --- ## PoC **Encoded Payload:** `%22%3E%3Cscript%3Ealert('XSS-PoC2')%3C/script%3E` **Decoded Payload:** `"><script>alert('XSS-PoC2')</script>` ![[Pasted image 20250704192500.png]] **Example URLs:** `/intranet/educar_usuario_lst.php?nm_pessoa=%22%3E%3Cscript%3Ealert('XSS-PoC2')%3C/script%3E /intranet/educar_usuario_lst.php?matricula=%22%3E%3Cscript%3Ealert('XSS-PoC2')%3C/script%3E /intranet/educar_usuario_lst.php?matricula_interna=%22%3E%3Cscript%3Ealert('XSS-PoC2')%3C/script%3E` --- ## Impact Reflected cross-site scripting (XSS) attacks can have serious consequences, including: - **User actions:** Attackers can perform any action the user can, such as viewing, modifying, or initiating interactions with other users - **Data theft:** Attackers can exfiltrate data or install malware on the user's machine - **Account compromise:** Attackers can manipulate or steal cookies, or compromise confidential information - **Malicious code:** Attackers can execute malicious code on the user's system - **Business reputation damage:** Attackers can deface a corporate website or spread misinformation - **Misdirection:** Attackers can change the instructions given to users, which can be dangerous if the target is a government website or provides vital resources
来源⚠️ https://github.com/marcelomulder/CVE/blob/main/i-educar/Reflected_XSS_endpoint_educar_usuario_lst.php_parameters_nm_pessoa,_matricula_and_matricula_interna.md
用户
 marceloQz (UID 87549)
提交2025-07-30 20時33分 (9 月前)
管理2025-08-09 07時11分 (9 days later)
状态已接受
VulDB条目319313 [Portabilis i-Educar 直到 2.9 educar_usuario_lst.php nm_pessoa/matricula/matricula_interna 跨网站脚本]
积分20

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!