Portabilis i-Educar Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in Portabilis i-Educar version 2.10. The issue resides in the '/intranet/public_distrito_cad.php' file, specifically within the 'nome' parameter. This vulnerability allows for the injection of malicious scripts, which are then executed in the context of the user accessing the page. The lack of proper input validation and sanitization enables this exploitation, posing significant risks to user data and system integrity.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user accessing the affected page. This could lead to session hijacking, allowing attackers to impersonate users and perform actions on their behalf. Additionally, such vulnerabilities can be used to deliver malware, execute browser-based exploits, steal credentials, or obtain sensitive information from the user's account or browser. The injected scripts could also deface websites or damage a business's reputation by altering content or misdirecting users.

Reproduction

To reproduce this vulnerability, access the '/intranet/public_distrito_cad.php' endpoint. Select 'Brasil' in the 'País' field, choose any other options, and insert a payload, such as an image tag with an 'onerror' event, into the 'Nome' field. After clicking 'Salvar', the payload will be executed automatically when the '/intranet/public_distrito_lst.php' page is accessed.