WeGIA Stored Cross-Site Scripting Vulnerability in adicionar_especie.php Endpoint

A stored cross-site scripting vulnerability has been identified in the WeGIA application, prior to version 3.4.5. The issue resides in the adicionar_especie.php endpoint, where the application fails to properly validate and sanitize user inputs in the especie parameter. This lack of validation allows attackers to inject malicious scripts, which are then stored on the server and executed automatically when the affected page is accessed by users. The vulnerability poses a significant security risk, as it can lead to session hijacking, credential theft, and other malicious activities.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user accessing the affected page. This can lead to session hijacking, credential theft, and the execution of malicious scripts in the user's browser.

Reproduction

To reproduce this vulnerability, send a POST request to the /dao/pet/adicionar_especie.php endpoint with a script tag in the especie parameter. The injected script will be executed when the page is accessed, demonstrating the cross-site scripting vulnerability.

Remediation

Users can update to WeGIA version 3.4.5 or later, where this vulnerability has been fixed.