CVE-2025-9105
BaseFortify
Publication date: 2025-08-18
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portabilis | i-diario | to 1.5.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9105 is a Stored Cross-Site Scripting (XSS) vulnerability in Portabilis i-Diario up to version 1.5.0. It occurs because the application does not properly validate or sanitize user inputs in the parameters Parecer, Conteúdos, and Objetivos on the /planos-de-ensino-por-areas-de-conhecimento/ page. Attackers can inject malicious scripts via these parameters, which are then stored on the server and executed in the browsers of users who visit the affected page. This allows attackers to run arbitrary scripts remotely, potentially leading to various security issues. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to several impacts including theft of session cookies enabling session hijacking, download and installation of malware on victim systems, browser hijacking, theft of user credentials, unauthorized access to sensitive information, website defacement, misdirection of users through manipulated content, and damage to business reputation. Essentially, it allows attackers to execute malicious scripts in users' browsers, compromising security and trust. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the affected endpoint `/planos-de-ensino-por-areas-de-conhecimento` for stored cross-site scripting (XSS) by injecting payloads into the parameters `Parecer`, `Conteúdos`, and `Objetivos`. A common approach is to send POST requests with XSS payloads such as `"><script>alert('XSS-PoC')</script>` to these parameters and then verify if the script executes when accessing the page. For example, using curl to send a test payload: `curl -X POST -d "Parecer=\"><script>alert('XSS-PoC')</script>" https://[target]/planos-de-ensino-por-areas-de-conhecimento/[ID]`. Monitoring HTTP responses and browser behavior for script execution can confirm the vulnerability. Additionally, web vulnerability scanners that detect stored XSS can be used to automate detection. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or sanitizing user input on the affected parameters (`Parecer`, `Conteúdos`, `Objetivos`) to prevent injection of malicious scripts. Since no vendor patch or official mitigation is available and the vendor did not respond, users are advised to consider alternative products or implement web application firewalls (WAF) to block malicious payloads targeting the vulnerable endpoint. Additionally, limiting user privileges and monitoring for suspicious activity can reduce impact. Avoiding use of the affected component until a fix is available is recommended. [2]