Portabilis i-Educar Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in Portabilis i-Educar version 2.11. The issue resides in the '/intranet/educar_servidor_curso_lst.php' endpoint, specifically within the 'name' parameter. This vulnerability allows for the injection of malicious scripts, which are then executed in the context of the user when the 'ComponenteCurricular/view' page is accessed. The lack of proper input validation and sanitization enables this exploitation, posing a significant risk to users' data and systems.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user accessing the affected page. This could lead to session hijacking, credential theft, distribution of malware, and other browser-based attacks.

Reproduction

To reproduce this vulnerability, inject a script payload into the 'name' parameter of the 'educar_servidor_curso_lst.php' endpoint. Once the payload is submitted, it will be executed whenever the 'ComponenteCurricular/view' page is accessed by users.