CVE-2025-9638 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting (XS…
Medium CVSS: 4.8

CVE-2025-9638

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting (XSS) via the matricula_interna parameter in the educar_usuario_cad.php endpoint.
This issue affects i-Educar: 2.10.0.
Vendor
Portabilis
Product
I-educar
CWE
CWE-79
Yayın Tarihi
2025-12-09 16:18:39
Güncelleme
2025-12-11 17:56:54
Source Identifier
help@fluidattacks.com
KEV Date Added
-

Kategoriler

CWE-79 I-educar MEDIUM Portabilis 2025

Referanslar

https://fluidattacks.com/advisories/travis https://github.com/portabilis/i-educar https://fluidattacks.com/advisories/travis