Portabilis i-Educar
cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*
- <= 2.10
A reflected cross-site scripting (XSS) vulnerability has been identified in Portabilis i-Educar versions up to and including 2.10. The issue is in the educar_usuario_det.php file, where the ref_pessoa query parameter is reflected into the response without being properly sanitized or encoded, allowing an attacker to inject script into the page. The vulnerability can be exploited remotely but requires user interaction: a logged-in victim has to open a crafted URL.
Successful exploitation yields reflected cross-site scripting: the injected script runs in the victim's browser within the application's origin, so it executes with the victim's session and can act on the application as that user.
To reproduce, log into i-Educar with an account that can create or edit users. Navigate to the educar_usuario_det.php endpoint, normally reached via 'Configurações > Permissões > Usuários' (Settings > Permissions > Users). Modify the URL so that the ref_pessoa parameter carries a script payload, such as a JavaScript alert. When the crafted URL is loaded, the payload is reflected into the page and the script executes, confirming the vulnerability. Because the endpoint sits behind authentication, an attacker must get a logged-in user with access to this page to open the crafted link; the payload runs only in that user's session.
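The pattern behind this class of bug and its fix, as an added PHP example that is not i-Educar's code: the function names, the markup and the assumption that ref_pessoa is a numeric record reference are illustrations chosen for this example, not details taken from the project.

```php
<?php
// Added illustration, not code from i-Educar. A handler in the shape of a
// detail page that reflects a ref_pessoa query parameter into its HTML.
// Function names, markup and the assumption that ref_pessoa is a numeric
// record reference are all hypothetical.
declare(strict_types=1);

// Vulnerable pattern: the raw parameter is concatenated into the markup.
// A value like  "><script>alert(1)</script>  closes the attribute and the
// browser runs the injected script in the application's origin.
function renderVulnerable(array $query): string
{
    $refPessoa = $query['ref_pessoa'] ?? '';
    return '<input type="hidden" name="ref_pessoa" value="' . $refPessoa . '">'
         . '<p>Pessoa: ' . $refPessoa . '</p>';
}

// Output encoding: correct for HTML text and for quoted attribute values.
// ENT_QUOTES encodes both ' and ", ENT_SUBSTITUTE replaces invalid UTF-8
// instead of returning an empty string. Not sufficient on its own for
// unquoted attributes, inline JavaScript or URL contexts, which need their
// own encoders.
function htmlEncode(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Encode-only fix: the right choice when the parameter is genuinely free text.
function renderEncodedOnly(array $query): string
{
    $safe = htmlEncode((string) ($query['ref_pessoa'] ?? ''));
    return '<input type="hidden" name="ref_pessoa" value="' . $safe . '">'
         . '<p>Pessoa: ' . $safe . '</p>';
}

// Hardened pattern: validate the input against what it is supposed to be
// (assumed here: a positive integer id), then still encode on output so a
// later relaxation of the allow-list cannot reintroduce the injection.
function renderFixed(array $query): string
{
    $id = filter_var(
        $query['ref_pessoa'] ?? '',
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        // Reject rather than "clean": a stripped-down payload is still untrusted.
        return '<p>Invalid ref_pessoa</p>';
    }
    $safe = htmlEncode((string) $id);
    return '<input type="hidden" name="ref_pessoa" value="' . $safe . '">'
         . '<p>Pessoa: ' . $safe . '</p>';
}

// Constructed sample inputs for the demo; not the advisory's actual request.
$payload = ['ref_pessoa' => '"><script>alert(1)</script>'];
$benign  = ['ref_pessoa' => '123'];

echo renderVulnerable($payload), PHP_EOL;  // raw script tag reaches the page
echo renderEncodedOnly($payload), PHP_EOL; // payload becomes inert text
echo renderFixed($payload), PHP_EOL;       // rejected by the integer allow-list
echo renderFixed($benign), PHP_EOL;        // benign id passes and is encoded
```

Run it with `php example.php` and compare the four lines: only the first contains a live `<script>` element. The encoder is correct for the two contexts used here (HTML text and a double-quoted attribute); if the real page also reflected the value into a `href`, an event handler or an inline `<script>` block, each of those contexts would need its own encoding, and a Content-Security-Policy without `unsafe-inline` would be a worthwhile second layer.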