CVE-2025-7869
BaseFortify
Publication date: 2025-07-20
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portabilis | i-educar | 2.9.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability allows a remote attacker to execute arbitrary JavaScript in the browser of any user who views the affected page. Consequences include session hijacking, page defacement, theft of data visible to the victim, and actions performed with the victim's privileges (for example, changes submitted through the victim's authenticated session). Because the payload is stored server-side, it runs for every visitor of the affected page without any link having to be clicked, so a single injection can affect many users, including administrators. [1, 2]
Can you explain this vulnerability to me?
CVE-2025-7869 is a stored cross-site scripting (XSS) vulnerability in Portabilis i-Educar version 2.9.0, specifically in the Turma Module's file intranet/educar_turma_tipo_det.php. The vulnerability occurs because the application does not properly sanitize the user-controllable 'nm_tipo' parameter, allowing an attacker to inject malicious JavaScript code. This injected script is stored in the backend and executed in the browsers of users who visit the affected page, potentially compromising data integrity and user security. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection is a stored-XSS test against the 'nm_tipo' field rendered by intranet/educar_turma_tipo_det.php. Because the flaw is stored, a plain GET with a payload in the query string is not sufficient: log in to i-Educar with an account that can manage turma tipos, open the 'Edit or Create Turma Tipo' page, save a harmless marker such as <script>alert('test')</script> (or an inert fake tag) in the 'nm_tipo' field, then open intranet/educar_turma_tipo_det.php?cod_turma_tipo=ID for that record and check whether the marker appears in the HTML unencoded. A web vulnerability scanner that supports stored XSS can automate the same sequence if it is given an authenticated session and pointed at the detail URL. No specific command-line commands are provided in the resources. [1, 2]
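The check above can be made repeatable without firing a real script in anyone's browser. The following Python helper is an added example, not code from the advisory or from i-Educar: it generates an inert canary tag carrying a random token, and then decides from the fetched detail page whether the canary came back raw (stored XSS confirmed), HTML-encoded (the field is being escaped), or not at all. The detail path is taken from the advisory; the base URL, record ID and session cookie are assumed deployment-specific inputs, and the sample HTML fragments at the bottom are constructed for the offline demonstration.

```python
"""Stored-XSS canary check for an i-Educar 'turma tipo' detail page.

Workflow (added example, not vendor code):
  1. Log in, open 'Edit or Create Turma Tipo', paste make_canary()[0] into
     the nm_tipo field and save the record.
  2. Fetch intranet/educar_turma_tipo_det.php?cod_turma_tipo=<ID> with
     fetch_detail() and hand the body to classify_response().
The canary is inert markup with a random token: it executes nothing, but it
only survives intact if the server fails to HTML-encode '<', '>' and '"'.
"""
import html
import secrets
import urllib.parse
import urllib.request
from typing import Dict, Literal, Tuple

Verdict = Literal["unescaped", "escaped", "absent"]

# Path quoted in the advisory. Base URL and cookie are deployment-specific.
DETAIL_PATH = "intranet/educar_turma_tipo_det.php"


def make_canary() -> Tuple[str, str]:
    """Return (canary, token). The canary is a fake tag that no browser renders
    or executes, so the probe is safe to leave in a shared test instance."""
    token = secrets.token_hex(6)
    canary = f'<xss{token} x="{token}">'
    return canary, token


def classify_response(body: str, canary: str, token: str) -> Verdict:
    """Decide what the application did to the stored value when rendering it."""
    if canary in body:
        return "unescaped"   # raw markup reached the page: stored XSS confirmed
    if token in body:
        return "escaped"     # value stored, but markup neutralized or stripped
    return "absent"          # never stored, or removed entirely by a filter


def fetch_detail(base_url: str, cod_turma_tipo: int, session_cookie: str,
                 timeout: float = 10.0) -> str:
    """GET the detail page as an authenticated user.
    Assumption: the session is carried in a Cookie header (e.g. 'PHPSESSID=...').
    Not exercised by the offline demonstration below."""
    query = urllib.parse.urlencode({"cod_turma_tipo": int(cod_turma_tipo)})
    url = urllib.parse.urljoin(base_url.rstrip("/") + "/", f"{DETAIL_PATH}?{query}")
    req = urllib.request.Request(url, headers={"Cookie": session_cookie})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        charset = resp.headers.get_content_charset() or "utf-8"
        return resp.read().decode(charset, "replace")


def check_constructed_samples() -> Dict[str, Verdict]:
    """Offline demonstration on constructed HTML (not real i-Educar output)."""
    canary, token = make_canary()
    samples = {
        # Vulnerable page echoes nm_tipo verbatim into a table cell.
        "vulnerable": f"<table><tr><td>Nome</td><td>{canary}</td></tr></table>",
        # Fixed page passes the value through an HTML encoder before output.
        "fixed": f"<table><tr><td>Nome</td><td>{html.escape(canary)}</td></tr></table>",
        # Page that does not display the field, or a filter that dropped the value.
        "missing": "<table><tr><td>Nome</td><td>Regular</td></tr></table>",
    }
    return {name: classify_response(body, canary, token) for name, body in samples.items()}


if __name__ == "__main__":
    for name, verdict in check_constructed_samples().items():
        print(f"{name:10s} -> {verdict}")
```

Run it once per record you seeded: an "unescaped" verdict on the fixed version would mean the encoding was applied on input only and bypassed by this path, while "escaped" on 2.9.0 would suggest the canary was mangled before storage and a different marker is needed.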
What immediate steps should I take to mitigate this vulnerability?
No patch or vendor mitigation is currently available, so the immediate options are defensive. Restrict the ability to create or edit Turma Tipo records to a small set of trusted administrators, since that is the injection point. Review existing Turma Tipo names for stored markup (anything containing '<', '>' or 'javascript:') and clean them, because a payload already in the database keeps executing for every visitor until removed. Add a web application firewall rule that blocks typical XSS payloads in the 'nm_tipo' parameter on the edit and create requests. Monitor the affected module for unexpected edits and for administrator sessions used from unusual locations. User awareness about suspicious links offers little protection here, since the stored payload fires on a normal page visit. Apply the vendor's fix as soon as one is released; if the risk is unacceptable in the meantime, disable or replace the affected Turma Module. [1]