Source: vulnrichment (GitHub_M), VULNRICHMENT:CVE-2024-45057
History: Aug 28, 2024 - 8:17 p.m.

CVE-2024-45057 Reflected Cross-Site Scripting in i-Educar

Published: 2024-08-28 20:17:27
CWE: CWE-79
Source: GitHub_M (github.com)
Tags: reflected cross-site scripting, i-educar, html sanitization, dynamic generation, javascript, session cookies, application update

CVSS3: 6.3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

EPSS: 0.001
Percentile: 17.7%

SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the dynamic generation of HTML fields prior to the 2.9 branch. The file located at ieducar/intranet/include/clsCampos.inc.php does not properly validate or sanitize user-controlled input, leading to the vulnerability. Any page that uses this implementation is vulnerable, such as intranet/educar_curso_lst.php?nm_curso=<payload>, intranet/atendidos_lst.php?nm_pessoa=<payload>, intranet/educar_abandono_tipo_lst?nome=<payload>. Commit f2d768534aabc09b2a1fc8a5cc5f9c93925cb273 contains a patch for the issue.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*"
    ],
    "vendor": "portabilis",
    "product": "i-educar",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "2.9"
      }
    ],
    "defaultStatus": "unknown"
  }
]
