CVE-2025-7867
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-20

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo/novo_descricao leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-20
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-07-20
EPSS Evaluated
2026-05-05
NVD
CVE-2025-7867
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
portabilis i-educar 2.9.0
portabilis i-educar 2.10.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7867 is a stored Cross-Site Scripting (XSS) vulnerability in Portabilis i-Educar version 2.9.0, specifically in the Agenda module's /intranet/agenda.php file. An authenticated user can inject malicious JavaScript code into the 'novo_titulo' (Title) field of an appointment. This malicious script is stored persistently in the system and executes in the browser of any user who views the Agenda page, potentially compromising their session and data. [1, 2]


How can this vulnerability impact me? :

The vulnerability allows persistent client-side code execution, which can lead to session hijacking, phishing attacks through redirects, and unauthorized access to user data within the session. Since the malicious script runs in the context of the victim's browser, attackers can steal sensitive information or perform actions on behalf of the user. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of the vulnerable Portabilis i-Educar version 2.9.0 running the Agenda module, specifically the /intranet/agenda.php page. One suggested method is to use Google dorking with the query "inurl:intranet/agenda.php" to find vulnerable instances. Additionally, to verify exploitation, an authenticated user can attempt to inject a test script payload such as `<script>alert('PoC VulDB i-Educar PaCXXX')</script>` into the Title field (novo_titulo) of an appointment and observe if the script executes upon viewing the Agenda page. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Currently, no known mitigations or fixes are available from the vendor, who did not respond to disclosure attempts. Immediate steps include restricting access to the affected Agenda module (/intranet/agenda.php) to trusted users only, avoiding use of the vulnerable component if possible, and considering replacing Portabilis i-Educar 2.9.0 with an alternative product. Additionally, monitoring and filtering user input to prevent script injection can help reduce risk until a patch is available. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart