CVE-2025-9721
BaseFortify
Publication date: 2025-08-31
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| portabilis | i-educar | to 2.10 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9721 is a cross-site scripting (XSS) vulnerability in Portabilis i-Educar up to version 2.10. It occurs due to improper validation and sanitization of user inputs in the 'nome' and 'formulaMedia' parameters in the /module/FormulaMedia/edit endpoint. Attackers can inject malicious scripts into these parameters, which are then stored on the server and executed in the browsers of users who access the affected pages, leading to unauthorized script execution. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to session cookie theft, browser hijacking, credential theft, malware distribution, unauthorized access to sensitive information, website defacement, user misdirection, and reputational damage to the affected organization. It allows remote attackers to execute malicious scripts in users' browsers, potentially compromising user data and system integrity. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /module/FormulaMedia/edit endpoint for improper input sanitization in the 'nome' and 'formulaMedia' parameters. A common method is to submit a payload such as "><img src=x onerror=alert('CVE-Hunters')>" into these fields and then check if the script executes on the affected page (/intranet/educar_transferencia_tipo_lst.php). Detection involves verifying if the input is stored and executed in the browser, indicating a stored XSS vulnerability. Automated web vulnerability scanners that test for stored XSS on these parameters can also be used. Specific commands depend on the tools used, but for example, using curl to submit a payload or using browser developer tools to inspect the response can help detect the issue. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the affected Portabilis i-Educar versions up to 2.10 or replacing the affected component/product if possible. Since no known mitigations or countermeasures have been documented, it is recommended to restrict access to the vulnerable endpoint, apply input validation and sanitization on the 'nome' and 'formulaMedia' parameters, and monitor for suspicious activity. Additionally, educating users about the risk of interacting with untrusted inputs and applying web application firewall (WAF) rules to block malicious payloads can help reduce risk until a patch or update is available. [2]