CVE-2025-8545
BaseFortify
Publication date: 2025-08-05
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portabilis | i-educar | 2.10.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in Portabilis i-Educar version 2.10, specifically in the file /intranet/educar_motivo_afastamento_cad.php. It occurs because the application does not properly validate or sanitize user input in the nm_motivo parameter. An attacker can inject malicious scripts into this parameter, which are then stored on the server and executed automatically when users access the related page. This allows attackers to run arbitrary scripts in the context of the affected website. [1, 2]
How can this vulnerability impact me? :
The impact of this vulnerability includes theft of session cookies, browser hijacking, credential theft, downloading malware, obtaining sensitive information, website defacement, user misdirection, and reputational damage to the affected organization. Essentially, attackers can exploit this vulnerability to compromise user accounts and the integrity of the website. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying the presence of the vulnerable endpoint `/intranet/educar_motivo_afastamento_cad.php` on your system or network. One suggested method is using Google dorking with the query `inurl:intranet/educar_motivo_afastamento_cad.php` to find exposed instances. Additionally, you can test the vulnerable parameter `nm_motivo` by injecting a harmless XSS payload such as `"><img src=x onerror=alert('test')>` into the input field and observing if the script executes when the related page `/intranet/educar_motivo_afastamento_lst.php` is accessed. Commands for local testing could include using curl or wget to send crafted POST requests to the vulnerable endpoint with the payload in the `nm_motivo` parameter and then checking the response or the page rendering for script execution. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
No known countermeasures or patches are currently available from the vendor, as they did not respond to early disclosure attempts. Immediate mitigation steps include restricting access to the vulnerable endpoint `/intranet/educar_motivo_afastamento_cad.php` by implementing access controls or network-level restrictions, disabling or removing the affected functionality if possible, and monitoring for suspicious activity. Replacement or update of the affected component is suggested once a fix becomes available. Additionally, educating users about the risk of interacting with untrusted inputs and avoiding executing suspicious scripts can help reduce impact. [2]