CVE-2025-8539
BaseFortify
Publication date: 2025-08-05
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portabilis | i-educar | 2.10.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8539 is a stored cross-site scripting (XSS) vulnerability in Portabilis i-Educar version 2.10, specifically in the file /intranet/public_distrito_cad.php. It occurs because the application does not properly validate or sanitize the 'nome' parameter, allowing attackers to inject malicious scripts. These scripts are stored on the server and executed automatically when the affected page is accessed, potentially compromising data integrity and user security. Exploitation requires some user interaction and authentication and can be performed remotely. [1, 2]
How can this vulnerability impact me?
This vulnerability can have significant impacts including theft of session cookies leading to session hijacking, tricking users into downloading malware, browser hijacking or delivery of browser-based exploits, stealing user credentials, accessing sensitive information stored in user accounts or browsers, defacing websites, misdirecting users by altering website instructions, and damaging the reputation of businesses by spreading misinformation or defacing corporate websites. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of the vulnerable endpoint /intranet/public_distrito_cad.php and testing the 'nome' parameter for cross-site scripting (XSS) injection. One method is to use Google dorking with the query: inurl:intranet/public_distrito_cad.php to identify potentially vulnerable targets. Additionally, you can manually test the endpoint by sending a request with an XSS payload in the 'nome' parameter, such as "><img src=x onerror=alert('CVE-Hunters')>", and observe if the script executes. Example command using curl to test the vulnerability: curl -X POST -d "nome=\"><img src=x onerror=alert('CVE-Hunters')>" https://target/intranet/public_distrito_cad.php [1, 2]
What immediate steps should I take to mitigate this vulnerability?
No known countermeasures or mitigations have been published by the vendor. Immediate steps include avoiding use of the vulnerable Portabilis i-Educar 2.10 product or replacing it with an alternative product. Additionally, restrict access to the vulnerable endpoint /intranet/public_distrito_cad.php to trusted users only, and monitor for suspicious activity. Implementing input validation and sanitization on the 'nome' parameter to prevent script injection is recommended if you have the capability to modify the source code. [1, 2]
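As an added illustration of the mitigation described above (constructed example code, not i-Educar's source; the function names, the district-name whitelist and the table-cell markup are assumptions), the following PHP shows the unescaped-output pattern that turns a stored 'nome' value into stored XSS, next to a hardened version that validates the value on input and HTML-encodes it on output:

```php
<?php
// Added example, not i-Educar's code: how a 'nome' value that was stored
// unchanged becomes stored XSS when echoed raw, and how to neutralize it.
// Function names and the whitelist below are assumptions for illustration.
declare(strict_types=1);

// Vulnerable pattern (constructed): the stored value is placed into HTML as-is,
// so any markup it contains is rendered as markup for every later visitor.
function renderNomeVulnerable(string $storedNome): string
{
    return '<td>' . $storedNome . '</td>';
}

// Hardened pattern, step 1: validate on input. This narrows what gets stored
// but is not the primary control, because stored data may come from elsewhere.
function validateNome(string $nome): string
{
    $nome = trim($nome);
    // Assumed whitelist for a district name: letters (accented included),
    // digits, spaces, dot, apostrophe and hyphen; bounded length.
    if ($nome === '' || mb_strlen($nome) > 100
        || !preg_match('/^[\p{L}\p{N} .\'\-]+$/u', $nome)) {
        throw new InvalidArgumentException('nome contains disallowed characters');
    }
    return $nome;
}

// Hardened pattern, step 2: always encode on output. This is what stops the
// browser from interpreting the stored text as HTML, whatever was stored.
function renderNomeSafe(string $storedNome): string
{
    // ENT_QUOTES encodes both quote styles so the value is also safe inside
    // attribute values; ENT_SUBSTITUTE avoids returning '' on invalid UTF-8.
    return '<td>' . htmlspecialchars($storedNome, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</td>';
}

// Demonstration with a constructed value of the shape described in the record.
$payload = "\"><img src=x onerror=alert(1)>";
echo renderNomeVulnerable($payload), PHP_EOL; // markup survives intact
echo renderNomeSafe($payload), PHP_EOL;       // rendered as literal text

try {
    validateNome($payload);
} catch (InvalidArgumentException $e) {
    echo 'rejected on input: ', $e->getMessage(), PHP_EOL;
}
echo validateNome('Distrito Centro'), PHP_EOL; // accepted
```

Run it with `php example.php`. The design point is that output encoding is applied unconditionally in the rendering path, so a value that bypasses or predates the input check (for example, data already in the database) is still neutralized before it reaches another user's browser.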