Can you explain this vulnerability to me?

This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the WeGIA web manager application, specifically in the 'adicionar_especie.php' endpoint before version 3.4.5. Attackers can inject malicious scripts into the 'especie' parameter, which are then stored on the server. When users access the affected page, these scripts execute automatically, potentially compromising user security.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

The vulnerability can lead to attackers executing malicious scripts in the context of users visiting the affected page. This can result in theft of sensitive information, session hijacking, defacement, or other malicious actions that compromise user security and trust.

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by testing the `adicionar_especie.php` endpoint for stored Cross-Site Scripting (XSS) by injecting typical XSS payloads into the `especie` parameter and observing if the script executes when the page is accessed. For example, you can use curl to send a test payload: curl -X POST -d "especie=<script>alert('XSS')</script>" http://yourserver/adicionar_especie.php and then visit the page to see if the alert executes. Additionally, web vulnerability scanners that test for stored XSS can be used.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

The immediate step is to upgrade the WeGIA application to version 3.4.5 or later, where this stored XSS vulnerability in the `adicionar_especie.php` endpoint is fixed. Until then, you can apply input validation and output encoding on the `especie` parameter to prevent script injection and execution.

Useful 0 Not Useful 0