Portabilis i-Educar Cross-Site Scripting Vulnerability in Version 2.10

A reflected cross-site scripting vulnerability has been identified in Portabilis i-Educar version 2.10. The issue arises in the 'Gerar' function of the file 'ieducar/intranet/educar_matricula_lst.php', where the 'ref_cod_aluno' parameter is not properly validated or sanitized. This oversight allows for the injection of malicious scripts, which are executed in the context of the user's browser. The vulnerability can be exploited remotely, requiring some user interaction.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where injected scripts are executed in the context of the user's browser. This could lead to unauthorized actions being performed on behalf of the user, theft of cookies or other sensitive information, and execution of malicious code on the user's machine.

Reproduction

To reproduce this vulnerability, send a request to 'ieducar/intranet/educar_matricula_lst.php' with a crafted 'ref_cod_aluno' parameter that includes a malicious script payload, such as an image tag with an 'onerror' event. The injected script will be executed in the browser, demonstrating the cross-site scripting vulnerability.

Remediation

Portabilis has released a patch for this vulnerability. Users are advised to update to the version that includes this patch.