CVE-2025-10591: Cross Site Scripting in Portabilis i-Educar
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_funcao_cad.php of the component Editar Função Page. This manipulation of the argument abreviatura/tipoacao causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
CVE-2025-10591: Cross Site Scripting in Portabilis i-Educar
Description
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_funcao_cad.php of the component Editar Função Page. This manipulation of the argument abreviatura/tipoacao causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-09-17T05:53:51.668Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68ca96e193b16c2d2a62e6d3
Added to database: 9/17/2025, 11:09:21 AM
Last updated: 9/17/2025, 11:09:21 AM
Views: 1
Related Threats
CVE-2025-10590: Cross Site Scripting in Portabilis i-Educar
MediumCVE-2025-10156: CWE-755: Improper Handling of Exceptional Conditions in mmaitre314 picklescan
CriticalCVE-2025-9972: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Planet Technology ICG-2510WG-LTE (EU/US)
CriticalCVE-2025-10155: CWE-20 Improper Input Validation in mmaitre314 picklescan
CriticalCVE-2025-0420: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Paraşüt Software Paraşüt
MediumActions
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.