
CVE-2025-8787: Cross Site Scripting in Portabilis i-Diario

Severity: Medium
Published: Sun Aug 10 2025 (08/10/2025, 01:02:06 UTC)
Source: CVE Database V5
Vendor/Project: Portabilis
Product: i-Diario

Description

A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

Last updated: 08/10/2025, 01:47:45 UTC

Technical Analysis

CVE-2025-8787 is a cross-site scripting (XSS) vulnerability identified in Portabilis i-Diario, a software product used for educational management, affecting versions up to 1.5.0. The vulnerability resides in an unspecified functionality within the /registros-de-conteudos-por-disciplina/ endpoint of the Registro das atividades component. The issue arises from improper sanitization or validation of the 'Registro de atividades/Conteúdos' argument, allowing an attacker to inject malicious scripts. The vulnerability can be exploited remotely by a low-privileged user and requires user interaction to trigger the malicious payload. The CVSS 4.0 base score is 5.1, indicating medium severity. The vector details show that the attack is network accessible (AV:N), requires low attack complexity (AC:L) and low privileges (PR:L) plus some user interaction (UI:P), and has a limited impact on integrity (VI:L), with no impact on availability or security controls. The vendor was notified but did not respond or provide a patch, and no known exploits are currently in the wild, though a public disclosure of the exploit exists. This vulnerability could be leveraged to execute arbitrary JavaScript in the context of authenticated users, potentially leading to session hijacking, credential theft, or unauthorized actions within the affected application.
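The class of defect described above, shown as an added illustration that is not code from i-Diario or from the advisory: a free-text "Conteúdos" value interpolated into a template without output encoding, beside the hardened form that encodes on output. It uses Ruby's stdlib ERB (i-Diario itself is a Rails application; its real templates are not reproduced here) and a constructed hostile value.

```ruby
require "erb"

# Constructed sample of an attacker-controlled "Conteúdos" value reaching the
# template. Illustrative only; not taken from the advisory or the product.
CONTEUDO_HOSTIL = 'Revisão de frações <img src=x onerror="alert(1)">'

# Vulnerable pattern: the field is interpolated into the page unescaped.
# Stdlib ERB's <%= %> performs no escaping, so the markup survives intact
# and the browser executes the event handler when the record is viewed.
TEMPLATE_INSEGURO = ERB.new('<td class="conteudo"><%= conteudo %></td>')

# Hardened pattern: encode on output so the browser treats the value as text.
# (Rails' default <%= %> already does this; the defect is in bypassing it.)
TEMPLATE_SEGURO = ERB.new(
  '<td class="conteudo"><%= ERB::Util.html_escape(conteudo) %></td>'
)

def render_inseguro(conteudo)
  TEMPLATE_INSEGURO.result_with_hash(conteudo: conteudo)
end

def render_seguro(conteudo)
  TEMPLATE_SEGURO.result_with_hash(conteudo: conteudo)
end

# Check used by the assertions below: does the rendered HTML still carry an
# active element that a browser would interpret?
def contem_tag_ativa?(html)
  html.match?(/<(img|script|svg|iframe)\b/i)
end
```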

Potential Impact

For European organizations, especially educational institutions or government bodies using Portabilis i-Diario for managing academic records and activities, this vulnerability poses a tangible risk. Exploitation could lead to unauthorized access to sensitive student or staff information, manipulation of academic records, or unauthorized actions performed on behalf of legitimate users. The XSS flaw could facilitate phishing attacks or the spread of malware within the user base. Given the software’s role in education management, disruption or compromise could undermine trust in digital education platforms and potentially violate data protection regulations such as GDPR if personal data is exposed or manipulated. The medium severity rating suggests moderate risk, but the lack of vendor response and patch availability increases the window of exposure, elevating the threat level for organizations relying on this software.

Mitigation Recommendations

Organizations should immediately audit their use of Portabilis i-Diario versions 1.0 through 1.5.0 and consider the following specific mitigations:

1) Implement Web Application Firewall (WAF) rules to detect and block suspicious input patterns targeting the vulnerable endpoint, focusing on script injection attempts in the 'Registro de atividades/Conteúdos' parameter.
2) Enforce strict Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in the browser context.
3) Educate users to recognize phishing attempts and suspicious links that could exploit the XSS vulnerability.
4) If possible, isolate the affected application behind additional authentication or network segmentation to limit exposure.
5) Monitor logs for unusual activity or error messages related to the vulnerable endpoint.
6) Engage with Portabilis or community forums to track any forthcoming patches or updates.
7) As a longer-term solution, consider migrating to alternative platforms or updated versions once patches are available.

These steps go beyond generic advice by focusing on compensating controls and user awareness tailored to this specific vulnerability and product.
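Items 1 and 5 above both come down to inspecting requests to the vulnerable path for script-injection indicators. Added example (not from the advisory or from Portabilis): a Ruby scanner over constructed access-log lines in Combined Log Format that percent-decodes the query string of requests to /registros-de-conteudos-por-disciplina/ and reports the parameters that match. The log lines, IPs and the parameter name `conteudo` are assumptions; the real form field name is not given on the page.

```ruby
require "cgi"

# Constructed access-log lines (Combined Log Format); not real i-Diario logs.
SAMPLE_LOG = <<~LOG
  10.0.0.5 - - [10/Aug/2025:01:02:06 +0000] "GET /registros-de-conteudos-por-disciplina/?conteudo=Revis%C3%A3o HTTP/1.1" 200 512
  10.0.0.9 - - [10/Aug/2025:01:03:11 +0000] "GET /registros-de-conteudos-por-disciplina/?conteudo=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 498
  10.0.0.9 - - [10/Aug/2025:01:03:40 +0000] "GET /registros-de-conteudos-por-disciplina/?conteudo=javascript%3Aalert(1) HTTP/1.1" 200 498
  10.0.0.7 - - [10/Aug/2025:01:04:02 +0000] "GET /login HTTP/1.1" 200 301
LOG

# Indicators worth alerting on once the value has been percent-decoded:
# an HTML tag opener, an inline event handler, or a javascript: URL.
XSS_INDICATORS = [
  /<\s*\/?\s*[a-z][\w-]*/i,  # "<script", "<img", "</a" ...
  /\bon[a-z]+\s*=/i,         # onerror=, onload= ...
  /javascript\s*:/i
].freeze

VULNERABLE_PATH = "/registros-de-conteudos-por-disciplina/"

LOG_LINE = /\A(?<ip>\S+) \S+ \S+ \[(?<time>[^\]]+)\] "(?<method>[A-Z]+) (?<target>\S+) [^"]*" (?<status>\d{3})/

# Returns one hash per suspicious request (who, when, HTTP status, and the
# decoded parameter values that tripped an indicator). Only requests to the
# vulnerable path are examined; everything else is ignored.
def flag_xss_attempts(log_text)
  log_text.each_line.filter_map do |line|
    m = LOG_LINE.match(line) or next
    path, query = m[:target].split("?", 2)
    next unless path == VULNERABLE_PATH
    params = CGI.parse(query.to_s)                 # percent-decodes each value
    hits = params.flat_map do |key, values|
      values.select { |v| XSS_INDICATORS.any? { |re| re.match?(v) } }
            .map { |v| [key, v] }
    end
    next if hits.empty?
    { ip: m[:ip], time: m[:time], status: m[:status].to_i, hits: hits }
  end
end
```

Because the vector requires low privileges (PR:L), every flagged request belongs to a logged-in account; joining the source IP and timestamp against the application's session log identifies which user submitted the content.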


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-08-09T05:11:23.243Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 6897f6bcad5a09ad00109f0f

Added to database: 8/10/2025, 1:32:44 AM

Last enriched: 8/10/2025, 1:47:45 AM

Last updated: 8/11/2025, 12:33:50 AM
