Pixeon WebLaudos Reflected Cross-Site Scripting Vulnerability in Password Change Functionality

Vulnerability

A reflected cross-site scripting vulnerability has been identified in Pixeon WebLaudos version 25.1 (01), specifically within the password change feature. The issue arises in the loginAlterarSenha.asp file, where the sle_sLogin parameter is reflected into the page without proper sanitization or output encoding, allowing attackers to inject JavaScript through a crafted URL. When a victim opens such a URL, the injected script executes in the context of the application, potentially leading to session cookie theft, unauthorized actions, or phishing attacks.

Impact

Exploitation of this vulnerability allows for session hijacking, unauthorized actions on behalf of the user, exposure of sensitive medical data, and the potential for phishing attacks.

Reproduction

To reproduce this vulnerability, send a crafted URL that includes malicious JavaScript in the sle_sLogin parameter. When the victim clicks the link, the injected script will execute in their browser.

Remediation

To address this vulnerability, Pixeon WebLaudos should implement proper input validation and context-aware output encoding of reflected parameters such as sle_sLogin, especially on login and password-related pages. Additionally, a strong Content Security Policy should be established to block inline scripts and limit the sources from which scripts may be loaded.
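As an added illustration of the remediation described above (example code, not Pixeon's own, which runs on classic ASP where the equivalent encoder is Server.HTMLEncode), the following Node.js snippet contrasts a form that reflects sle_sLogin verbatim with one that HTML-encodes it, and attaches the kind of Content-Security-Policy header the advisory recommends; the policy string and response shape are assumptions:

```javascript
// Encode the five characters that can break out of an HTML text node or a
// double-quoted attribute value. In classic ASP, Server.HTMLEncode does this.
function htmlEncode(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable pattern: the login value from the query string is written into
// the form unchanged, so markup in the parameter becomes part of the page.
function renderFormVulnerable(login) {
  return `<input type="text" name="sle_sLogin" value="${login}">`;
}

// Hardened pattern: the same reflection, but the untrusted value is encoded
// before it reaches the markup, so it can only ever be attribute text.
function renderFormHardened(login) {
  return `<input type="text" name="sle_sLogin" value="${htmlEncode(login)}">`;
}

// Assumed policy: no inline scripts, scripts only from the application's own
// origin, no plugins, and no <base> tag hijacking. Tune per deployment.
const CSP_HEADER =
  "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'";

// Simulates the server side of GET /loginAlterarSenha.asp?sle_sLogin=...
// and returns headers plus body so both can be inspected.
function buildPasswordChangeResponse(queryString) {
  const params = new URLSearchParams(queryString);
  const login = params.get("sle_sLogin") ?? "";
  return {
    headers: { "Content-Security-Policy": CSP_HEADER },
    body: renderFormHardened(login),
  };
}

// Constructed sample input: tries to close the value attribute and open a tag.
const SAMPLE_LOGIN = '"><b>injected</b>';
```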

Added: Nov 19, 2025, 3:17 PM
Updated: Nov 19, 2025, 7:55 PM

Vulnerability Rating

Custom Algorithm

Category        Score
spread          0.0
impact          6.7
exploitability  7.7
remediation     0.0
relevance       1.1
threat          6.4
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.